diff options
Diffstat (limited to 'beagle/debian-rfs/etc')
96 files changed, 5720 insertions, 0 deletions
diff --git a/beagle/debian-rfs/etc/alternatives/README b/beagle/debian-rfs/etc/alternatives/README new file mode 100644 index 0000000..54ef740 --- /dev/null +++ b/beagle/debian-rfs/etc/alternatives/README @@ -0,0 +1,2 @@ +Please read the update-alternatives(8) man page for information on this +directory and its contents. diff --git a/beagle/debian-rfs/etc/apt/apt.conf.d/70debconf b/beagle/debian-rfs/etc/apt/apt.conf.d/70debconf new file mode 100644 index 0000000..0c8b4ca --- /dev/null +++ b/beagle/debian-rfs/etc/apt/apt.conf.d/70debconf @@ -0,0 +1,3 @@ +// Pre-configure all packages with debconf before they are installed. +// If you don't like it, comment it out. +DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt || true";}; diff --git a/beagle/debian-rfs/etc/apt/sources.list b/beagle/debian-rfs/etc/apt/sources.list new file mode 100644 index 0000000..08bb6b1 --- /dev/null +++ b/beagle/debian-rfs/etc/apt/sources.list @@ -0,0 +1 @@ +deb http://debootstrap.invalid/ squeeze main diff --git a/beagle/debian-rfs/etc/bash.bashrc b/beagle/debian-rfs/etc/bash.bashrc new file mode 100644 index 0000000..9ba3cac --- /dev/null +++ b/beagle/debian-rfs/etc/bash.bashrc @@ -0,0 +1,50 @@ +# System-wide .bashrc file for interactive bash(1) shells. + +# To enable the settings / commands in this file for login shells as well, +# this file has to be sourced in /etc/profile. + +# If not running interactively, don't do anything +[ -z "$PS1" ] && return + +# check the window size after each command and, if necessary, +# update the values of LINES and COLUMNS. +shopt -s checkwinsize + +# set variable identifying the chroot you work in (used in the prompt below) +if [ -z "$debian_chroot" ] && [ -r /etc/debian_chroot ]; then + debian_chroot=$(cat /etc/debian_chroot) +fi + +# set a fancy prompt (non-color, overwrite the one in /etc/profile) +PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' + +# Commented out, don't overwrite xterm -T "title" -n "icontitle" by default. +# If this is an xterm set the title to user@host:dir +#case "$TERM" in +#xterm*|rxvt*) +# PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME}: ${PWD}\007"' +# ;; +#*) +# ;; +#esac + +# enable bash completion in interactive shells +#if [ -f /etc/bash_completion ] && ! shopt -oq posix; then +# . /etc/bash_completion +#fi + +# if the command-not-found package is installed, use it +if [ -x /usr/lib/command-not-found -o -x /usr/share/command-not-found ]; then + function command_not_found_handle { + # check because c-n-f could've been removed in the meantime + if [ -x /usr/lib/command-not-found ]; then + /usr/bin/python /usr/lib/command-not-found -- $1 + return $? + elif [ -x /usr/share/command-not-found ]; then + /usr/bin/python /usr/share/command-not-found -- $1 + return $? + else + return 127 + fi + } +fi diff --git a/beagle/debian-rfs/etc/bash_completion.d/debconf b/beagle/debian-rfs/etc/bash_completion.d/debconf new file mode 100644 index 0000000..1880689 --- /dev/null +++ b/beagle/debian-rfs/etc/bash_completion.d/debconf @@ -0,0 +1,12 @@ +have debconf-show && +_debconf_show() +{ + local cur + + COMPREPLY=() + cur=${COMP_WORDS[COMP_CWORD]} + COMPREPLY=($( compgen -W '--listowners --listdbs --db=' -- $cur ) \ + $( apt-cache pkgnames -- $cur ) ) +} +complete -F _debconf_show debconf-show + diff --git a/beagle/debian-rfs/etc/bash_completion.d/insserv b/beagle/debian-rfs/etc/bash_completion.d/insserv new file mode 100644 index 0000000..68c0ef3 --- /dev/null +++ b/beagle/debian-rfs/etc/bash_completion.d/insserv @@ -0,0 +1,36 @@ +# insserv(8) completion +# +# Copyright (c) 2009 Kel Modderman <kel@otaku42.de> +# + +have insserv && +_insserv() +{ + local cur prev sysvdir services options + + cur=`_get_cword` + prev=${COMP_WORDS[COMP_CWORD-1]} + + [ -d /etc/rc.d/init.d ] && sysvdir=/etc/rc.d/init.d \ + || sysvdir=/etc/init.d + + services=( $(echo $sysvdir/!(README*|*.dpkg*|*.rpm@(orig|new|save))) ) + services=( ${services[@]#$sysvdir/} ) + options=( -c --config -d -f -n -o --override -p --path -r -v ) + + case "$prev" in + -c|--config) + _filedir + ;; + -o|--override|-p|--path) + _filedir -d + ;; + *) + COMPREPLY=( $( compgen -W '${options[@]} ${services[@]}' -- \ + $cur ) ) + ;; + esac + + return 0 +} && +complete -F _insserv insserv diff --git a/beagle/debian-rfs/etc/bindresvport.blacklist b/beagle/debian-rfs/etc/bindresvport.blacklist new file mode 100644 index 0000000..c3ef62c --- /dev/null +++ b/beagle/debian-rfs/etc/bindresvport.blacklist @@ -0,0 +1,13 @@ +# +# This file contains a list of port numbers between 600 and 1024, +# which should not be used by bindresvport. bindresvport is mostly +# called by RPC services. This mostly solves the problem, that a +# RPC service uses a well known port of another service. +# +631 # cups +636 # ldaps +774 # rpasswd +873 # rsync +921 # lwresd +993 # imaps +995 # pops diff --git a/beagle/debian-rfs/etc/cron.daily/dpkg b/beagle/debian-rfs/etc/cron.daily/dpkg new file mode 100755 index 0000000..99f4f6b --- /dev/null +++ b/beagle/debian-rfs/etc/cron.daily/dpkg @@ -0,0 +1,10 @@ +#!/bin/sh + +# Backup the 7 last versions of dpkg's status file +if cd /var/backups ; then + if ! cmp -s dpkg.status.0 /var/lib/dpkg/status ; then + cp -p /var/lib/dpkg/status dpkg.status + savelog -c 7 dpkg.status >/dev/null + fi +fi + diff --git a/beagle/debian-rfs/etc/cron.daily/passwd b/beagle/debian-rfs/etc/cron.daily/passwd new file mode 100755 index 0000000..4778bf0 --- /dev/null +++ b/beagle/debian-rfs/etc/cron.daily/passwd @@ -0,0 +1,9 @@ +#!/bin/sh + +cd /var/backups || exit 0 + +for FILE in passwd group shadow gshadow; do + test -f /etc/$FILE || continue + cmp -s $FILE.bak /etc/$FILE && continue + cp -p /etc/$FILE $FILE.bak && chmod 600 $FILE.bak +done diff --git a/beagle/debian-rfs/etc/debconf.conf b/beagle/debian-rfs/etc/debconf.conf new file mode 100644 index 0000000..549c1d5 --- /dev/null +++ b/beagle/debian-rfs/etc/debconf.conf @@ -0,0 +1,83 @@ +# This is the main config file for debconf. It tells debconf where to +# store data. The format of this file is a set of stanzas. Each stanza +# except the first sets up a database for debconf to use. For details, see +# debconf.conf(5) (in the debconf-doc package). +# +# So first things first. This first stanza gives the names of two databases. + +# Debconf will use this database to store the data you enter into it, +# and some other dynamic data. +Config: configdb +# Debconf will use this database to store static template data. +Templates: templatedb + +# World-readable, and accepts everything but passwords. +Name: config +Driver: File +Mode: 644 +Reject-Type: password +Filename: /var/cache/debconf/config.dat + +# Not world readable (the default), and accepts only passwords. +Name: passwords +Driver: File +Mode: 600 +Backup: false +Required: false +Accept-Type: password +Filename: /var/cache/debconf/passwords.dat + +# Set up the configdb database. By default, it consists of a stack of two +# databases, one to hold passwords and one for everything else. +Name: configdb +Driver: Stack +Stack: config, passwords + +# Set up the templatedb database, which is a single flat text file +# by default. +Name: templatedb +Driver: File +Mode: 644 +Filename: /var/cache/debconf/templates.dat + +# Well that was pretty straightforward, and it will be enough for most +# people's needs, but debconf's database drivers can be used to do much +# more interesting things. For example, suppose you want to use config +# data from another host, which is mounted over nfs or perhaps the database +# is accessed via LDAP. You don't want to write to the remote debconf database, +# just read from it, so you still need a local database for local changes. +# +# A remote NFS mounted database, read-only. It is optional; if debconf +# fails to use it it will not abort. +#Name: remotedb +#Driver: DirTree +#Directory: /mnt/otherhost/var/cache/debconf/config +#Readonly: true +#Required: false +# +# A remote LDAP database. It is also read-only. The password is really +# only necessary if the database is not accessible anonymously. +# Option KeyByKey instructs the backend to retrieve keys from the LDAP +# server individually (when they are requested), instead of loading all +# keys at startup. The default is 0, and should only be enabled if you +# want to track accesses to individual keys on the LDAP server side. +#Name: remotedb +#Driver: LDAP +#Server: remotehost +#BaseDN: cn=debconf,dc=domain,dc=com +#BindDN: uid=admin,dc=domain,dc=com +#BindPasswd: secret +#KeyByKey: 0 +# +# A stack consisting of two databases. Values will be read from +# the first database in the stack to contain a value. In this example, +# writes always go to the first database. +#Name: fulldb +#Driver: Stack +#Stack: configdb, remotedb +# +# In this example, we'd use Config: fulldb at the top of the file +# to make it use the combination of the databases. +# +# Even more complex and interesting setups are possible, see the +# debconf.conf(5) page for details. diff --git a/beagle/debian-rfs/etc/debian_version b/beagle/debian-rfs/etc/debian_version new file mode 100644 index 0000000..5fe6072 --- /dev/null +++ b/beagle/debian-rfs/etc/debian_version @@ -0,0 +1 @@ +6.0.1 diff --git a/beagle/debian-rfs/etc/default/bootlogd b/beagle/debian-rfs/etc/default/bootlogd new file mode 100644 index 0000000..210f852 --- /dev/null +++ b/beagle/debian-rfs/etc/default/bootlogd @@ -0,0 +1,2 @@ +# Run bootlogd at startup ? +BOOTLOGD_ENABLE=No diff --git a/beagle/debian-rfs/etc/default/devpts b/beagle/debian-rfs/etc/default/devpts new file mode 100644 index 0000000..e10e371 --- /dev/null +++ b/beagle/debian-rfs/etc/default/devpts @@ -0,0 +1,5 @@ +# GID of the `tty' group +TTYGRP=5 + +# Set to 600 to have `mesg n' be the default +TTYMODE=620 diff --git a/beagle/debian-rfs/etc/default/halt b/beagle/debian-rfs/etc/default/halt new file mode 100644 index 0000000..21bc119 --- /dev/null +++ b/beagle/debian-rfs/etc/default/halt @@ -0,0 +1,2 @@ +# Default behaviour of shutdown -h / halt. Set to "halt" or "poweroff". +HALT=poweroff diff --git a/beagle/debian-rfs/etc/default/tmpfs b/beagle/debian-rfs/etc/default/tmpfs new file mode 100644 index 0000000..10820ae --- /dev/null +++ b/beagle/debian-rfs/etc/default/tmpfs @@ -0,0 +1,6 @@ +# SHM_SIZE sets the maximum size (in bytes) that the /dev/shm tmpfs can use. +# If this is not set then the size defaults to the value of TMPFS_SIZE +# if that is set; otherwise to the kernel's default. +# +# The size will be rounded down to a multiple of the page size, 4096 bytes. +SHM_SIZE= diff --git a/beagle/debian-rfs/etc/default/useradd b/beagle/debian-rfs/etc/default/useradd new file mode 100644 index 0000000..a834fef --- /dev/null +++ b/beagle/debian-rfs/etc/default/useradd @@ -0,0 +1,37 @@ +# Default values for useradd(8) +# +# The SHELL variable specifies the default login shell on your +# system. +# Similar to DHSELL in adduser. However, we use "sh" here because +# useradd is a low level utility and should be as general +# as possible +SHELL=/bin/sh +# +# The default group for users +# 100=users on Debian systems +# Same as USERS_GID in adduser +# This argument is used when the -n flag is specified. +# The default behavior (when -n and -g are not specified) is to create a +# primary user group with the same name as the user being added to the +# system. +# GROUP=100 +# +# The default home directory. Same as DHOME for adduser +# HOME=/home +# +# The number of days after a password expires until the account +# is permanently disabled +# INACTIVE=-1 +# +# The default expire date +# EXPIRE= +# +# The SKEL variable specifies the directory containing "skeletal" user +# files; in other words, files such as a sample .profile that will be +# copied to the new user's home directory when it is created. +# SKEL=/etc/skel +# +# Defines whether the mail spool should be created while +# creating the account +# CREATE_MAIL_SPOOL=yes + diff --git a/beagle/debian-rfs/etc/dpkg/dpkg.cfg b/beagle/debian-rfs/etc/dpkg/dpkg.cfg new file mode 100644 index 0000000..ba898ee --- /dev/null +++ b/beagle/debian-rfs/etc/dpkg/dpkg.cfg @@ -0,0 +1,13 @@ +# dpkg configuration file +# +# This file can contain default options for dpkg. All command-line +# options are allowed. Values can be specified by putting them after +# the option, separated by whitespace and/or an `=' sign. +# + +# Do not enable debsig-verify by default; since the distribution is not using +# embedded signatures, debsig-verify would reject all packages. +no-debsig + +# Log status changes and actions to a file. +log /var/log/dpkg.log diff --git a/beagle/debian-rfs/etc/dpkg/origins/debian b/beagle/debian-rfs/etc/dpkg/origins/debian new file mode 100644 index 0000000..91f6ed1 --- /dev/null +++ b/beagle/debian-rfs/etc/dpkg/origins/debian @@ -0,0 +1,3 @@ +Vendor: Debian +Vendor-URL: http://www.debian.org/ +Bugs: debbugs://bugs.debian.org diff --git a/beagle/debian-rfs/etc/fstab b/beagle/debian-rfs/etc/fstab new file mode 100644 index 0000000..6691d9b --- /dev/null +++ b/beagle/debian-rfs/etc/fstab @@ -0,0 +1 @@ +# UNCONFIGURED FSTAB FOR BASE SYSTEM diff --git a/beagle/debian-rfs/etc/gai.conf b/beagle/debian-rfs/etc/gai.conf new file mode 100644 index 0000000..4e154bc --- /dev/null +++ b/beagle/debian-rfs/etc/gai.conf @@ -0,0 +1,74 @@ +# Configuration for getaddrinfo(3). +# +# So far only configuration for the destination address sorting is needed. +# RFC 3484 governs the sorting. But the RFC also says that system +# administrators should be able to overwrite the defaults. This can be +# achieved here. +# +# All lines have an initial identifier specifying the option followed by +# up to two values. Information specified in this file replaces the +# default information. Complete absence of data of one kind causes the +# appropriate default information to be used. The supported commands include: +# +# reload <yes|no> +# If set to yes, each getaddrinfo(3) call will check whether this file +# changed and if necessary reload. This option should not really be +# used. There are possible runtime problems. The default is no. +# +# label <mask> <value> +# Add another rule to the RFC 3484 label table. See section 2.1 in +# RFC 3484. The default is: +# +#label ::1/128 0 +#label ::/0 1 +#label 2002::/16 2 +#label ::/96 3 +#label ::ffff:0:0/96 4 +#label fec0::/10 5 +#label fc00::/7 6 +#label 2001:0::/32 7 +# +# This default differs from the tables given in RFC 3484 by handling +# (now obsolete) site-local IPv6 addresses and Unique Local Addresses. +# The reason for this difference is that these addresses are never +# NATed while IPv4 site-local addresses most probably are. Given +# the precedence of IPv6 over IPv4 (see below) on machines having only +# site-local IPv4 and IPv6 addresses a lookup for a global address would +# see the IPv6 be preferred. The result is a long delay because the +# site-local IPv6 addresses cannot be used while the IPv4 address is +# (at least for the foreseeable future) NATed. We also treat Teredo +# tunnels special. +# +# precedence <mask> <value> +# Add another rule to the RFC 3484 precedence table. See section 2.1 +# and 10.3 in RFC 3484. The default is: +# +#precedence ::1/128 50 +#precedence ::/0 40 +#precedence 2002::/16 30 +#precedence ::/96 20 +#precedence ::ffff:0:0/96 10 +# +# For sites which prefer IPv4 connections change the last line to +# +#precedence ::ffff:0:0/96 100 + +# +# scopev4 <mask> <value> +# Add another rule to the RFC 3484 scope table for IPv4 addresses. +# By default the scope IDs described in section 3.2 in RFC 3484 are +# used. Changing these defaults should hardly ever be necessary. +# The defaults are equivalent to: +# +#scopev4 ::ffff:169.254.0.0/112 2 +#scopev4 ::ffff:127.0.0.0/104 2 +#scopev4 ::ffff:0.0.0.0/96 14 +# +# For sites which use site-local IPv4 addresses behind NAT there is +# the problem that even if IPv4 addresses are preferred they do not +# have the same scope and are therefore not sorted first. To change +# this use only these rules: +# +#scopev4 ::ffff:169.254.0.0/112 2 +#scopev4 ::ffff:127.0.0.0/104 2 +#scopev4 ::ffff:0.0.0.0/96 14 diff --git a/beagle/debian-rfs/etc/host.conf b/beagle/debian-rfs/etc/host.conf new file mode 100644 index 0000000..d1a59f7 --- /dev/null +++ b/beagle/debian-rfs/etc/host.conf @@ -0,0 +1 @@ +multi on diff --git a/beagle/debian-rfs/etc/hostname b/beagle/debian-rfs/etc/hostname new file mode 100644 index 0000000..c9133b5 --- /dev/null +++ b/beagle/debian-rfs/etc/hostname @@ -0,0 +1 @@ +deepthought diff --git a/beagle/debian-rfs/etc/init.d/README b/beagle/debian-rfs/etc/init.d/README new file mode 100644 index 0000000..8477036 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/README @@ -0,0 +1,60 @@ + Configuration of System V init under Debian GNU/Linux + +Most Unix versions have a file here that describes how the scripts +in this directory work, and how the links in the /etc/rc?.d/ directories +influence system startup/shutdown. + +For Debian, this information is contained in the policy manual, chapter +"System run levels and init.d scripts". The Debian Policy Manual is +available at: + + http://www.debian.org/doc/debian-policy/#contents + +The Debian Policy Manual is also available in the Debian package +"debian-policy". When this package is installed, the policy manual can be +found in directory /usr/share/doc/debian-policy. If you have a browser +installed you can probably read it at + + file://localhost/usr/share/doc/debian-policy/ + +Some more detailed information can also be found in the files in the +/usr/share/doc/sysv-rc directory. + +Debian Policy dictates that /etc/init.d/*.sh scripts must work properly +when sourced. The following additional rules apply: + +* /etc/init.d/*.sh scripts must not rely for their correct functioning + on their being sourced rather than executed. That is, they must work + properly when executed too. They must include "#!/bin/sh" at the top. + This is useful when running scripts in parallel. + +* /etc/init.d/*.sh scripts must conform to the rules for sh scripts as + spelled out in the Debian policy section entitled "Scripts" (§10.4). + +Use the update-rc.d command to create symbolic links in the /etc/rc?.d +as appropriate. See that man page for more details. + +All init.d scripts are expected to have a LSB style header documenting +dependencies and default runlevel settings. The header look like this +(not all fields are required): + +### BEGIN INIT INFO +# Provides: skeleton +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Should-Start: $portmap +# Should-Stop: $portmap +# X-Start-Before: nis +# X-Stop-After: nis +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# X-Interactive: true +# Short-Description: Example initscript +# Description: This file should be used to construct scripts to be +# placed in /etc/init.d. +### END INIT INFO + +More information on the format is available from insserv(8). This +information is used to dynamicaly assign sequence numbers to the +boot scripts and to run the scripts in parallel during the boot. +See also /usr/share/doc/insserv/README.Debian. diff --git a/beagle/debian-rfs/etc/init.d/bootlogd b/beagle/debian-rfs/etc/init.d/bootlogd new file mode 100755 index 0000000..b688796 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/bootlogd @@ -0,0 +1,96 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: bootlogd +# Required-Start: mountdevsubfs +# X-Start-Before: hostname keymap keyboard-setup procps pcmcia hwclock hwclockfirst hdparm hibernate-cleanup lvm2 +# Required-Stop: +# Default-Start: S +# Default-Stop: +# Short-Description: Start or stop bootlogd. +# Description: Starts or stops the bootlogd log program +# which logs boot messages. +### END INIT INFO + +PATH=/sbin:/bin # No remote fs at start +DAEMON=/sbin/bootlogd +[ -x "$DAEMON" ] || exit 0 +NAME=bootlogd +DESC="boot logger" +BOOTLOGD_OPTS="-r -c" +[ -r /etc/default/bootlogd ] && . /etc/default/bootlogd +. /lib/init/vars.sh + +. /lib/lsb/init-functions + +# Because bootlogd is broken on some systems, we take the special measure +# of requiring it to be enabled by setting an environment variable. +case "$BOOTLOGD_ENABLE" in + [Nn]*) + exit 0 + ;; +esac + +# Previously this script was symlinked as "stop-bootlogd" which, when run +# with the "start" argument, should stop bootlogd. Now stop-bootlogd is +# a distinct script, but for backward compatibility this script continues +# to implement the old behavior. +SCRIPTNAME=${0##*/} +SCRIPTNAME=${SCRIPTNAME#[SK]??} +ACTION="$1" +case "$0" in + *stop-bootlog*) + [ "$ACTION" = start ] && ACTION=stop + ;; +esac + +case "$ACTION" in + start) + # PATH is set above + [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" + if [ -d /proc/1/. ] + then + umask 027 + start-stop-daemon --start --quiet --exec $DAEMON -- \ + $BOOTLOGD_OPTS + ES=$? + else + $DAEMON $BOOTLOGD_OPTS + ES=$? + fi + [ "$VERBOSE" != no ] && log_end_msg $ES + ;; + stop) + PATH=/bin:/sbin:/usr/bin:/usr/sbin + [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" + start-stop-daemon --oknodo --stop --quiet --exec $DAEMON + ES=$? + sleep 1 + [ "$VERBOSE" != no ] && log_end_msg $ES + if [ -f /var/log/boot ] && [ -f /var/log/boot~ ] + then + [ "$VERBOSE" = no ] || log_action_begin_msg "Moving boot log file" + # bootlogd writes to boot, making backup at boot~ + cd /var/log && { + chgrp adm boot || : + savelog -q -p -c 5 boot \ + && mv boot.0 boot \ + && mv boot~ boot.0 + } + ES=$? + [ "$VERBOSE" = no ] || log_action_end_msg $ES + fi + ;; + restart|force-reload) + /etc/init.d/bootlogd stop + /etc/init.d/bootlogd start + ;; + status) + status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $? + ;; + *) + echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|status}" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/bootlogs b/beagle/debian-rfs/etc/init.d/bootlogs new file mode 100755 index 0000000..769e644 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/bootlogs @@ -0,0 +1,76 @@ +#!/bin/sh +### BEGIN INIT INFO +# Provides: bootlogs +# Required-Start: hostname $local_fs +# Required-Stop: +# Should-Start: $x-display-manager gdm kdm xdm ldm sdm wdm nodm +# Default-Start: 1 2 3 4 5 +# Default-Stop: +# Short-Description: Log file handling to be done during bootup. +# Description: Various things that don't need to be done particularly +# early in the boot, just before getty is run. +### END INIT INFO + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +[ "$DELAYLOGIN" ] || DELAYLOGIN=yes +. /lib/init/vars.sh + +do_start () { + # Update motd + uname -snrvm > /var/run/motd + [ -f /etc/motd.tail ] && cat /etc/motd.tail >> /var/run/motd + + # Save kernel messages in /var/log/dmesg + if which dmesg >/dev/null 2>&1 + then + [ -f /var/log/dmesg ] && savelog -q -p -c 5 /var/log/dmesg + dmesg -s 524288 > /var/log/dmesg + chgrp adm /var/log/dmesg || : + elif [ -c /dev/klog ] + then + [ -f /var/log/dmesg ] && savelog -q -p -c 5 /var/log/dmesg + dd if=/dev/klog of=/var/log/dmesg & + sleep 1 + kill $! + [ -f /var/log/dmesg ] && { chgrp adm /var/log/dmesg || : ; } + fi + + # + # Save udev log in /var/log/udev + # + if [ -e /dev/.udev.log ] + then + mv -f /dev/.udev.log /var/log/udev + fi +} + +do_status () { + if [ -f /var/run/motd ] && [ ! -f /dev/.udev.log ] ; then + return 0 + else + return 4 + fi +} + +case "$1" in + start|"") + do_start + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + status) + do_status + exit $? + ;; + *) + echo "Usage: bootlogs [start|stop|status]" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/bootmisc.sh b/beagle/debian-rfs/etc/init.d/bootmisc.sh new file mode 100755 index 0000000..334a14e --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/bootmisc.sh @@ -0,0 +1,65 @@ +#!/bin/sh +### BEGIN INIT INFO +# Provides: bootmisc +# Required-Start: $remote_fs +# Required-Stop: +# Should-Start: udev +# Default-Start: S +# Default-Stop: +# Short-Description: Miscellaneous things to be done during bootup. +# Description: Some cleanup. Note, it need to run after mountnfs-bootclean.sh. +### END INIT INFO + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +[ "$DELAYLOGIN" ] || DELAYLOGIN=yes +. /lib/init/vars.sh + +do_start () { + # + # If login delaying is enabled then create the flag file + # which prevents logins before startup is complete + # + case "$DELAYLOGIN" in + Y*|y*) + echo "System bootup in progress - please wait" > /var/lib/initscripts/nologin + ;; + esac + + # Create /var/run/utmp so we can login. + : > /var/run/utmp + if grep -q ^utmp: /etc/group + then + chmod 664 /var/run/utmp + chgrp utmp /var/run/utmp + fi + + # Set pseudo-terminal access permissions. + if [ ! -e /dev/.udev ] && [ -c /dev/ttyp0 ] + then + chmod -f 666 /dev/tty[p-za-e][0-9a-f] + chown -f root:tty /dev/tty[p-za-e][0-9a-f] + fi + + # Remove bootclean's flag files. + # Don't run bootclean again after this! + rm -f /tmp/.clean /var/run/.clean /var/lock/.clean +} + +case "$1" in + start|"") + do_start + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + *) + echo "Usage: bootmisc.sh [start|stop]" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/checkfs.sh b/beagle/debian-rfs/etc/init.d/checkfs.sh new file mode 100755 index 0000000..a290672 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/checkfs.sh @@ -0,0 +1,159 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: checkfs +# Required-Start: checkroot +# Required-Stop: +# Should-Start: mtab +# Default-Start: S +# Default-Stop: +# X-Interactive: true +# Short-Description: Check all filesystems. +### END INIT INFO + +# Include /usr/bin in path to find on_ac_power if /usr/ is on the root +# partition. +PATH=/sbin:/bin:/usr/bin +FSCK_LOGFILE=/var/log/fsck/checkfs +[ "$FSCKFIX" ] || FSCKFIX=no +. /lib/init/vars.sh + +. /lib/lsb/init-functions +. /lib/init/splash-functions-base +. /lib/init/usplash-fsck-functions.sh +. /lib/init/swap-functions.sh + +do_start () { + # See if we're on AC Power. If not, we're not gonna run our + # check. If on_ac_power (in /usr/) is unavailable, behave as + # before and check all file systems needing it. + +# Disabled AC power check until fsck can be told to only check the +# file system if it is corrupt when running on battery. (bug #526398) +# if which on_ac_power >/dev/null 2>&1 +# then +# on_ac_power >/dev/null 2>&1 +# if [ $? -eq 1 ] +# then +# [ "$VERBOSE" = no ] || log_success_msg "Running on battery power, so skipping file system check." +# BAT=yes +# fi +# fi + BAT="" + fscheck="yes" + + if [ -f /fastboot ] || grep -s -w -i "fastboot" /proc/cmdline + then + [ "$fscheck" = yes ] && log_warning_msg "Fast boot enabled, so skipping file system check." + fscheck=no + fi + + # + # Check the rest of the file systems. + # + if [ "$fscheck" = yes ] && [ ! "$BAT" ] && [ "$FSCKTYPES" != "none" ] + then + + # Execute swapon command again, in case there are lvm + # or md swap partitions. fsck can suck RAM. + swaponagain 'lvm and md' + + if [ -f /forcefsck ] || grep -s -w -i "forcefsck" /proc/cmdline + then + force="-f" + else + force="" + fi + if [ "$FSCKFIX" = yes ] + then + fix="-y" + else + fix="-a" + fi + spinner="-C" + case "$TERM" in + dumb|network|unknown|"") + spinner="" + ;; + esac + [ "$(uname -m)" = s390 ] && spinner="" # This should go away + FSCKTYPES_OPT="" + [ "$FSCKTYPES" ] && FSCKTYPES_OPT="-t $FSCKTYPES" + handle_failed_fsck() { + log_failure_msg "File system check failed. +A log is being saved in ${FSCK_LOGFILE} if that location is writable. +Please repair the file system manually." + log_warning_msg "A maintenance shell will now be started. +CONTROL-D will terminate this shell and resume system boot." + # Start a single user shell on the console + if ! sulogin $CONSOLE + then + log_failure_msg "Attempt to start maintenance shell failed. +Continuing with system boot in 5 seconds." + sleep 5 + fi + } + if [ "$VERBOSE" = no ] + then + log_action_begin_msg "Checking file systems" + if usplash_running; then + PROGRESS_FILE=`mktemp` || exit 1 + set -m + logsave -s $FSCK_LOGFILE fsck -C3 -R -A $fix $force $FSCKTYPES_OPT >/dev/console 2>&1 3>$PROGRESS_FILE & + set +m + usplash_progress "$PROGRESS_FILE" + rm -f $PROGRESS_FILE + else + splash_start_indefinite + logsave -s $FSCK_LOGFILE fsck $spinner -R -A $fix $force $FSCKTYPES_OPT + FSCKCODE=$? + splash_stop_indefinite + fi + + if [ "$FSCKCODE" -gt 1 ] + then + log_action_end_msg 1 "code $FSCKCODE" + handle_failed_fsck + else + log_action_end_msg 0 + fi + else + if [ "$FSCKTYPES" ] + then + log_action_msg "Will now check all file systems of types $FSCKTYPES" + else + log_action_msg "Will now check all file systems" + fi + splash_start_indefinite + logsave -s $FSCK_LOGFILE fsck $spinner -V -R -A $fix $force $FSCKTYPES_OPT + FSCKCODE=$? + splash_stop_indefinite + if [ "$FSCKCODE" -gt 1 ] + then + handle_failed_fsck + else + log_success_msg "Done checking file systems. +A log is being saved in ${FSCK_LOGFILE} if that location is writable." + fi + fi + fi + rm -f /fastboot /forcefsck 2>/dev/null +} + +case "$1" in + start|"") + do_start + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + *) + echo "Usage: checkfs.sh [start|stop]" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/checkroot.sh b/beagle/debian-rfs/etc/init.d/checkroot.sh new file mode 100755 index 0000000..df84d22 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/checkroot.sh @@ -0,0 +1,436 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: checkroot +# Required-Start: mountdevsubfs hostname +# Required-Stop: +# Should-Start: keymap hwclockfirst hdparm bootlogd +# Should-stop: +# Default-Start: S +# Default-Stop: +# X-Interactive: true +# Short-Description: Check to root file system. +### END INIT INFO + +# Include /usr/bin in path to find on_ac_power if /usr/ is on the root +# partition. +PATH=/sbin:/bin:/usr/bin +FSCK_LOGFILE=/var/log/fsck/checkroot +[ "$FSCKFIX" ] || FSCKFIX=no +[ "$SULOGIN" ] || SULOGIN=no +. /lib/init/vars.sh + +. /lib/lsb/init-functions +. /lib/init/mount-functions.sh +. /lib/init/splash-functions-base +. /lib/init/usplash-fsck-functions.sh + +do_start () { + # + # Set SULOGIN in /etc/default/rcS to yes if you want a sulogin to + # be spawned from this script *before anything else* with a timeout, + # like sysv does. + # + [ "$SULOGIN" = yes ] && sulogin -t 30 $CONSOLE + + KERNEL="$(uname -s)" + MACHINE="$(uname -m)" + + # + # Read /etc/fstab, looking for: + # 1) The root filesystem, resolving LABEL=*|UUID=* entries to the + # device node, + # 2) Swap that is on a md device or a file that may be on a md + # device, + # + + exec 9<&0 </etc/fstab + + fstabroot=/dev/root + rootdev=none + roottype=none + rootopts=defaults + rootmode=rw + rootcheck=no + swap_on_lv=no + swap_on_file=no + + while read DEV MTPT FSTYPE OPTS DUMP PASS JUNK + do + case "$DEV" in + ""|\#*) + continue; + ;; + /dev/mapper/*) + [ "$FSTYPE" = "swap" ] && swap_on_lv=yes + ;; + /dev/*) + ;; + LABEL=*|UUID=*) + if [ "$MTPT" = "/" ] && [ -x /sbin/findfs ] + then + DEV="$(findfs "$DEV")" + fi + ;; + /*) + [ "$FSTYPE" = "swap" ] && swap_on_file=yes + ;; + *) + ;; + esac + [ "$MTPT" != "/" ] && continue + rootdev="$DEV" + fstabroot="$DEV" + rootopts="$OPTS" + roottype="$FSTYPE" + ( [ "$PASS" != 0 ] && [ "$PASS" != "" ] ) && rootcheck=yes + ( [ "$FSTYPE" = "nfs" ] || [ "$FSTYPE" = "nfs4" ] ) && rootcheck=no + case "$OPTS" in + ro|ro,*|*,ro|*,ro,*) + rootmode=ro + ;; + esac + done + + exec 0<&9 9<&- + + # + # Activate the swap device(s) in /etc/fstab. This needs to be done + # before fsck, since fsck can be quite memory-hungry. + # + ENABLE_SWAP=no + case "$KERNEL" in + Linux) + if [ "$NOSWAP" = yes ] + then + [ "$VERBOSE" = no ] || log_warning_msg "Not activating swap as requested via bootoption noswap." + ENABLE_SWAP=no + else + if [ "$swap_on_lv" = yes ] + then + [ "$VERBOSE" = no ] || log_warning_msg "Not activating swap on logical volume." + elif [ "$swap_on_file" = yes ] + then + [ "$VERBOSE" = no ] || log_warning_msg "Not activating swap on swapfile." + else + ENABLE_SWAP=yes + fi + fi + ;; + *) + ENABLE_SWAP=yes + ;; + esac + if [ "$ENABLE_SWAP" = yes ] + then + if [ "$VERBOSE" = no ] + then + log_action_begin_msg "Activating swap" + swapon -a -e >/dev/null 2>&1 + log_action_end_msg $? + else + log_daemon_msg "Activating swap" + swapon -a -v + log_end_msg $? + fi + fi + + # + # Does the root device in /etc/fstab match with the actual device ? + # If not we try to use the /dev/root alias device, and if that + # fails we create a temporary node in /lib/init/rw. + # + if [ "$rootcheck" = yes ] + then + ddev="$(mountpoint -qx $rootdev)" + rdev="$(mountpoint -d /)" + if [ "$ddev" != "$rdev" ] && [ "$ddev" != "4:0" ] + then + if [ "$(mountpoint -qx /dev/root)" = "4:0" ] + then + rootdev=/dev/root + else + if \ + rm -f /lib/init/rw/rootdev \ + && mknod -m 600 /lib/init/rw/rootdev b ${rdev%:*} ${rdev#*:} \ + && [ -e /lib/init/rw/rootdev ] + then + rootdev=/lib/init/rw/rootdev + else + rootfatal=yes + fi + fi + fi + fi + + # + # Bother, said Pooh. + # + if [ "$rootfatal" = yes ] + then + log_failure_msg "The device node $rootdev for the root filesystem is missing or incorrect +or there is no entry for the root filesystem listed in /etc/fstab. +The system is also unable to create a temporary node in /lib/init/rw. +This means you have to fix the problem manually." + log_warning_msg "A maintenance shell will now be started. +CONTROL-D will terminate this shell and restart the system." + # Start a single user shell on the console + if ! sulogin $CONSOLE + then + log_failure_msg "Attempt to start maintenance shell failed. +Will restart in 5 seconds." + sleep 5 + fi + [ "$VERBOSE" = no ] || log_action_msg "Will now restart" + reboot -f + fi + + # See if we're on AC Power. If not, we're not gonna run our + # check. If on_ac_power (in /usr/) is unavailable, behave as + # before and check all file systems needing it. +# Disabled AC power check until fsck can be told to only check the +# file system if it is corrupt when running on battery. (bug #526398) +# if which on_ac_power >/dev/null 2>&1 && [ "$rootcheck" = yes ] +# then +# on_ac_power >/dev/null 2>&1 +# if [ "$?" -eq 1 ] +# then +# log_warning_msg "On battery power, so skipping file system check." +# rootcheck=no +# fi +# fi + + # + # See if we want to check the root file system. + # + FSCKCODE=0 + if [ -f /fastboot ] || grep -s -w -i "fastboot" /proc/cmdline + then + [ "$rootcheck" = yes ] && log_warning_msg "Fast boot enabled, so skipping root file system check." + rootcheck=no + fi + + if [ "$rootcheck" = yes ] + then + # + # Ensure that root is quiescent and read-only before fsck'ing. + # + # mount -n -o remount,ro / would be the correct syntax but + # mount can get confused when there is a "bind" mount defined + # in fstab that bind-mounts "/" somewhere else. + # + # So we use mount -n -o remount,ro $rootdev / but that can + # fail on older kernels on sparc64/alpha architectures due + # to a bug in sys_mount(). + # + # As a compromise we try both. + # + if \ + ! mount -n -o remount,ro $rootdev / \ + && ! mount -n -o remount,ro -t dummytype $rootdev / 2>/dev/null \ + && ! mount -n -o remount,ro / 2>/dev/null + then + log_failure_msg "Cannot check root file system because it is not mounted read-only." + rootcheck=no + fi + fi + + # + # The actual checking is done here. + # + if [ "$rootcheck" = yes ] + then + if [ -f /forcefsck ] || grep -s -w -i "forcefsck" /proc/cmdline + then + force="-f" + else + force="" + fi + + if [ "$FSCKFIX" = yes ] + then + fix="-y" + else + fix="-a" + fi + + spinner="-C" + case "$TERM" in + dumb|network|unknown|"") + spinner="" ;; + esac + # This Linux/s390 special case should go away. + if [ "${KERNEL}:${MACHINE}" = Linux:s390 ] + then + spinner="" + fi + + if [ "$VERBOSE" = no ] + then + log_action_begin_msg "Checking root file system" + if [ "$roottype" = "ext2" -o "$roottype" = "ext3" -o "$roottype" = "ext4" ] && usplash_running; then + PROGRESS_FILE=`mktemp -p /lib/init/rw` || PROGRESS_FILE=/lib/init/rw/checkroot_fsck + set -m + logsave -s $FSCK_LOGFILE fsck -C3 $force $fix -t $roottype $rootdev >/dev/console 2>&1 3>$PROGRESS_FILE & + set +m + usplash_progress "$PROGRESS_FILE" + rm -f $PROGRESS_FILE + else + splash_start_indefinite + logsave -s $FSCK_LOGFILE fsck $spinner $force $fix -t $roottype $rootdev + FSCKCODE=$? + splash_stop_indefinite + fi + if [ "$FSCKCODE" = 0 ] + then + log_action_end_msg 0 + else + log_action_end_msg 1 "code $FSCKCODE" + fi + else + splash_start_indefinite + log_daemon_msg "Will now check root file system" + logsave -s $FSCK_LOGFILE fsck $spinner $force $fix -V -t $roottype $rootdev + FSCKCODE=$? + log_end_msg $FSCKCODE + splash_stop_indefinite + fi + fi + + # + # If there was a failure, drop into single-user mode. + # + # NOTE: "failure" is defined as exiting with a return code of + # 4 or larger. A return code of 1 indicates that file system + # errors were corrected but that the boot may proceed. A return + # code of 2 or 3 indicates that the system should immediately reboot. + # + if [ "$FSCKCODE" -gt 3 ] + then + # Surprise! Re-directing from a HERE document (as in "cat << EOF") + # does not work because the root is currently read-only. + log_failure_msg "An automatic file system check (fsck) of the root filesystem failed. +A manual fsck must be performed, then the system restarted. +The fsck should be performed in maintenance mode with the +root filesystem mounted in read-only mode." + log_warning_msg "The root filesystem is currently mounted in read-only mode. +A maintenance shell will now be started. +After performing system maintenance, press CONTROL-D +to terminate the maintenance shell and restart the system." + # Start a single user shell on the console + if ! sulogin $CONSOLE + then + log_failure_msg "Attempt to start maintenance shell failed. +Will restart in 5 seconds." + sleep 5 + fi + [ "$VERBOSE" = no ] || log_action_msg "Will now restart" + reboot -f + elif [ "$FSCKCODE" -gt 1 ] + then + log_failure_msg "The file system check corrected errors on the root partition +but requested that the system be restarted." + log_warning_msg "The system will be restarted in 5 seconds." + sleep 5 + [ "$VERBOSE" = no ] || log_action_msg "Will now restart" + reboot -f + fi + + # + # Remount root to final mode (rw or ro). + # + # See the comments above at the previous "mount -o remount" + # for an explanation why we try this twice. + # + if ! mount -n -o remount,$rootopts,$rootmode $fstabroot / 2>/dev/null + then + mount -n -o remount,$rootopts,$rootmode / + fi + + # + # We only create/modify /etc/mtab if the location where it is + # stored is writable. If /etc/mtab is a symlink into /proc/ + # then it is not writable. + # + INIT_MTAB_FILE=no + MTAB_PATH="$(readlink -f /etc/mtab || :)" + case "$MTAB_PATH" in + /proc/*) + ;; + /*) + if touch "$MTAB_PATH" >/dev/null 2>&1 + then + :> "$MTAB_PATH" + rm -f ${MTAB_PATH}~ + INIT_MTAB_FILE=yes + fi + ;; + "") + [ -L /etc/mtab ] && MTAB_PATH="$(readlink /etc/mtab)" + if [ "$MTAB_PATH" ] + then + log_failure_msg "Cannot initialize ${MTAB_PATH}." + else + log_failure_msg "Cannot initialize /etc/mtab." + fi + ;; + *) + log_failure_msg "Illegal mtab location '${MTAB_PATH}'." + ;; + esac + + if [ "$INIT_MTAB_FILE" = yes ] + then + [ "$roottype" != none ] && + mount -f -o $rootopts -t $roottype $fstabroot / + fi + + # + # Remove /lib/init/rw/rootdev if we created it. + # + rm -f /lib/init/rw/rootdev +} + +do_status () { + # If / is read-write or swap is enabled, this script have done + # its job. + rootrw=false + swapon=false + if [ -f /etc/mtab ] ; then + if grep " / " /etc/mtab |grep -q rw ; then + rootrw=true + fi + fi + if [ -f /proc/swaps ] ; then + if [ "$(cat /proc/swaps |grep -v ^Filename)" ] ; then + swapon=true + fi + fi + if [ true = "$rootrw" ] || [ true = "$swapon" ] ; then + return 0 + else + return 4 + fi +} + +case "$1" in + start|"") + do_start + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + status) + do_status + exit $? + ;; + *) + echo "Usage: checkroot.sh [start|stop]" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/halt b/beagle/debian-rfs/etc/init.d/halt new file mode 100755 index 0000000..3b359fe --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/halt @@ -0,0 +1,83 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: halt +# Required-Start: +# Required-Stop: +# Default-Start: +# Default-Stop: 0 +# Short-Description: Execute the halt command. +# Description: +### END INIT INFO + +NETDOWN=yes + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +[ -f /etc/default/halt ] && . /etc/default/halt + +. /lib/lsb/init-functions + +do_stop () { + if [ "$INIT_HALT" = "" ] + then + case "$HALT" in + [Pp]*) + INIT_HALT=POWEROFF + ;; + [Hh]*) + INIT_HALT=HALT + ;; + *) + INIT_HALT=POWEROFF + ;; + esac + fi + + # See if we need to cut the power. + if [ "$INIT_HALT" = "POWEROFF" ] && [ -x /etc/init.d/ups-monitor ] + then + /etc/init.d/ups-monitor poweroff + fi + + # Don't shut down drives if we're using RAID. + hddown="-h" + if grep -qs '^md.*active' /proc/mdstat + then + hddown="" + fi + + # If INIT_HALT=HALT don't poweroff. + poweroff="-p" + if [ "$INIT_HALT" = "HALT" ] + then + poweroff="" + fi + + # Make it possible to not shut down network interfaces, + # needed to use wake-on-lan + netdown="-i" + if [ "$NETDOWN" = "no" ]; then + netdown="" + fi + + log_action_msg "Will now halt" + halt -d -f $netdown $poweroff $hddown +} + +case "$1" in + start) + # No-op + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + do_stop + ;; + *) + echo "Usage: $0 start|stop" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/hostname.sh b/beagle/debian-rfs/etc/init.d/hostname.sh new file mode 100755 index 0000000..61eb5ea --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/hostname.sh @@ -0,0 +1,68 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: hostname +# Required-Start: +# Required-Stop: +# Should-Start: glibc +# Default-Start: S +# Default-Stop: +# Short-Description: Set hostname based on /etc/hostname +# Description: Read the machines hostname from /etc/hostname, and +# update the kernel value with this value. If +# /etc/hostname is empty, the current kernel value +# for hostname is used. If the kernel value is +# empty, the value 'localhost' is used. +### END INIT INFO + +PATH=/sbin:/bin + +. /lib/init/vars.sh +. /lib/lsb/init-functions + +do_start () { + [ -f /etc/hostname ] && HOSTNAME="$(cat /etc/hostname)" + + # Keep current name if /etc/hostname is missing. + [ -z "$HOSTNAME" ] && HOSTNAME="$(hostname)" + + # And set it to 'localhost' if no setting was found + [ -z "$HOSTNAME" ] && HOSTNAME=localhost + + [ "$VERBOSE" != no ] && log_action_begin_msg "Setting hostname to '$HOSTNAME'" + hostname "$HOSTNAME" + ES=$? + [ "$VERBOSE" != no ] && log_action_end_msg $ES + exit $ES +} + +do_status () { + HOSTNAME=$(hostname) + if [ "$HOSTNAME" ] ; then + return 0 + else + return 4 + fi +} + +case "$1" in + start|"") + do_start + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + status) + do_status + exit $? + ;; + *) + echo "Usage: hostname.sh [start|stop]" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/hwclock.sh b/beagle/debian-rfs/etc/init.d/hwclock.sh new file mode 100755 index 0000000..d500287 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/hwclock.sh @@ -0,0 +1,171 @@ +#!/bin/sh +# hwclock.sh Set and adjust the CMOS clock, according to the UTC +# setting in /etc/default/rcS (see also rcS(5)). +# +# Version: @(#)hwclock.sh 2.00 14-Dec-1998 miquels@cistron.nl +# +# Patches: +# 2000-01-30 Henrique M. Holschuh <hmh@rcm.org.br> +# - Minor cosmetic changes in an attempt to help new +# users notice something IS changing their clocks +# during startup/shutdown. +# - Added comments to alert users of hwclock issues +# and discourage tampering without proper doc reading. + +# WARNING: Please read /usr/share/doc/util-linux/README.Debian.hwclock +# before changing this file. You risk serious clock +# misbehaviour otherwise. + +### BEGIN INIT INFO +# Provides: hwclock +# Required-Start: checkroot +# Required-Stop: $local_fs +# Default-Start: S +# Default-Stop: 0 6 +### END INIT INFO + +FIRST=no # debian/rules sets this to 'yes' when creating hwclockfirst.sh + +# Set this to any options you might need to give to hwclock, such +# as machine hardware clock type for Alphas. +HWCLOCKPARS= + +# Set this to the hardware clock device you want to use, it should +# probably match the CONFIG_RTC_HCTOSYS_DEVICE kernel config option. +HCTOSYS_DEVICE=rtc0 + +hwclocksh() +{ + [ ! -x /sbin/hwclock ] && return 0 + [ ! -r /etc/default/rcS ] || . /etc/default/rcS + + . /lib/lsb/init-functions + verbose_log_action_msg() { [ "$VERBOSE" = no ] || log_action_msg "$@"; } + + [ "$GMT" = "-u" ] && UTC="yes" + case "$UTC" in + no|"") GMT="--localtime" + UTC="" + if [ "X$FIRST" = "Xyes" ] && [ ! -r /etc/localtime ]; then + if [ -z "$TZ" ]; then + log_action_msg "System clock was not updated at this time" + return 1 + fi + fi + ;; + yes) GMT="--utc" + UTC="--utc" + ;; + *) log_action_msg "Unknown UTC setting: \"$UTC\""; return 1 ;; + esac + + case "$BADYEAR" in + no|"") BADYEAR="" ;; + yes) BADYEAR="--badyear" ;; + *) log_action_msg "unknown BADYEAR setting: \"$BADYEAR\""; return 1 ;; + esac + + case "$1" in + start) + if [ -d /dev/.udev ]; then + return 0 + fi + + if [ -w /etc ] && [ ! -f /etc/adjtime ] && [ ! -e /etc/adjtime ]; then + echo "0.0 0 0.0" > /etc/adjtime + fi + + if [ ! -w /etc/adjtime ]; then + NOADJ="--noadjfile" + else + NOADJ="" + fi + + if [ "$FIRST" != yes ]; then + # Uncomment the hwclock --adjust line below if you want + # hwclock to try to correct systematic drift errors in the + # Hardware Clock. + # + # WARNING: If you uncomment this option, you must either make + # sure *nothing* changes the Hardware Clock other than + # hwclock --systohc, or you must delete /etc/adjtime + # every time someone else modifies the Hardware Clock. + # + # Common "vilains" are: ntp, MS Windows, the BIOS Setup + # program. + # + # WARNING: You must remember to invalidate (delete) + # /etc/adjtime if you ever need to set the system clock + # to a very different value and hwclock --adjust is being + # used. + # + # Please read /usr/share/doc/util-linux/README.Debian.hwclock + # before enabling hwclock --adjust. + + #/sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --adjust $GMT $BADYEAR + : + fi + + if [ "$HWCLOCKACCESS" != no ]; then + log_action_msg "Setting the system clock" + + # Copies Hardware Clock time to System Clock using the correct + # timezone for hardware clocks in local time, and sets kernel + # timezone. DO NOT REMOVE. + if /sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --hctosys $GMT $HWCLOCKPARS $BADYEAR $NOADJ; then + # Announce the local time. + verbose_log_action_msg "System Clock set to: `date $UTC`" + else + log_warning_msg "Unable to set System Clock to: `date $UTC`" + fi + else + verbose_log_action_msg "Not setting System Clock" + fi + ;; + stop|restart|reload|force-reload) + # + # Updates the Hardware Clock with the System Clock time. + # This will *override* any changes made to the Hardware Clock. + # + # WARNING: If you disable this, any changes to the system + # clock will not be carried across reboots. + # + if [ ! -w /etc/adjtime ]; then + NOADJ="--noadjfile" + else + NOADJ="" + fi + + if [ "$HWCLOCKACCESS" != no ]; then + log_action_msg "Saving the system clock" + if [ "$GMT" = "-u" ]; then + GMT="--utc" + fi + if /sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --systohc $GMT $HWCLOCKPARS $BADYEAR $NOADJ; then + verbose_log_action_msg "Hardware Clock updated to `date`" + fi + else + verbose_log_action_msg "Not saving System Clock" + fi + ;; + show) + if [ ! -w /etc/adjtime ]; then + NOADJ="--noadjfile" + else + NOADJ="" + fi + + if [ "$HWCLOCKACCESS" != no ]; then + /sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --show $GMT $HWCLOCKPARS $BADYEAR $NOADJ + fi + ;; + *) + log_success_msg "Usage: hwclock.sh {start|stop|reload|force-reload|show}" + log_success_msg " start sets kernel (system) clock from hardware (RTC) clock" + log_success_msg " stop and reload set hardware (RTC) clock from kernel (system) clock" + return 1 + ;; + esac +} + +hwclocksh "$@" diff --git a/beagle/debian-rfs/etc/init.d/hwclockfirst.sh b/beagle/debian-rfs/etc/init.d/hwclockfirst.sh new file mode 100755 index 0000000..75a330a --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/hwclockfirst.sh @@ -0,0 +1,172 @@ +#!/bin/sh +# hwclock.sh Set and adjust the CMOS clock, according to the UTC +# setting in /etc/default/rcS (see also rcS(5)). +# +# Version: @(#)hwclock.sh 2.00 14-Dec-1998 miquels@cistron.nl +# +# Patches: +# 2000-01-30 Henrique M. Holschuh <hmh@rcm.org.br> +# - Minor cosmetic changes in an attempt to help new +# users notice something IS changing their clocks +# during startup/shutdown. +# - Added comments to alert users of hwclock issues +# and discourage tampering without proper doc reading. + +# WARNING: Please read /usr/share/doc/util-linux/README.Debian.hwclock +# before changing this file. You risk serious clock +# misbehaviour otherwise. + +### BEGIN INIT INFO +# Provides: hwclockfirst +# Required-Start: mountdevsubfs +# Required-Stop: +# Default-Start: S +# X-Start-Before: checkroot +# Default-Stop: +### END INIT INFO + +FIRST=yes # debian/rules sets this to 'yes' when creating hwclockfirst.sh + +# Set this to any options you might need to give to hwclock, such +# as machine hardware clock type for Alphas. +HWCLOCKPARS= + +# Set this to the hardware clock device you want to use, it should +# probably match the CONFIG_RTC_HCTOSYS_DEVICE kernel config option. +HCTOSYS_DEVICE=rtc0 + +hwclocksh() +{ + [ ! -x /sbin/hwclock ] && return 0 + [ ! -r /etc/default/rcS ] || . /etc/default/rcS + + . /lib/lsb/init-functions + verbose_log_action_msg() { [ "$VERBOSE" = no ] || log_action_msg "$@"; } + + [ "$GMT" = "-u" ] && UTC="yes" + case "$UTC" in + no|"") GMT="--localtime" + UTC="" + if [ "X$FIRST" = "Xyes" ] && [ ! -r /etc/localtime ]; then + if [ -z "$TZ" ]; then + log_action_msg "System clock was not updated at this time" + return 1 + fi + fi + ;; + yes) GMT="--utc" + UTC="--utc" + ;; + *) log_action_msg "Unknown UTC setting: \"$UTC\""; return 1 ;; + esac + + case "$BADYEAR" in + no|"") BADYEAR="" ;; + yes) BADYEAR="--badyear" ;; + *) log_action_msg "unknown BADYEAR setting: \"$BADYEAR\""; return 1 ;; + esac + + case "$1" in + start) + if [ -d /dev/.udev ]; then + return 0 + fi + + if [ -w /etc ] && [ ! -f /etc/adjtime ] && [ ! -e /etc/adjtime ]; then + echo "0.0 0 0.0" > /etc/adjtime + fi + + if [ ! -w /etc/adjtime ]; then + NOADJ="--noadjfile" + else + NOADJ="" + fi + + if [ "$FIRST" != yes ]; then + # Uncomment the hwclock --adjust line below if you want + # hwclock to try to correct systematic drift errors in the + # Hardware Clock. + # + # WARNING: If you uncomment this option, you must either make + # sure *nothing* changes the Hardware Clock other than + # hwclock --systohc, or you must delete /etc/adjtime + # every time someone else modifies the Hardware Clock. + # + # Common "vilains" are: ntp, MS Windows, the BIOS Setup + # program. + # + # WARNING: You must remember to invalidate (delete) + # /etc/adjtime if you ever need to set the system clock + # to a very different value and hwclock --adjust is being + # used. + # + # Please read /usr/share/doc/util-linux/README.Debian.hwclock + # before enabling hwclock --adjust. + + #/sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --adjust $GMT $BADYEAR + : + fi + + if [ "$HWCLOCKACCESS" != no ]; then + log_action_msg "Setting the system clock" + + # Copies Hardware Clock time to System Clock using the correct + # timezone for hardware clocks in local time, and sets kernel + # timezone. DO NOT REMOVE. + if /sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --hctosys $GMT $HWCLOCKPARS $BADYEAR $NOADJ; then + # Announce the local time. + verbose_log_action_msg "System Clock set to: `date $UTC`" + else + log_warning_msg "Unable to set System Clock to: `date $UTC`" + fi + else + verbose_log_action_msg "Not setting System Clock" + fi + ;; + stop|restart|reload|force-reload) + # + # Updates the Hardware Clock with the System Clock time. + # This will *override* any changes made to the Hardware Clock. + # + # WARNING: If you disable this, any changes to the system + # clock will not be carried across reboots. + # + if [ ! -w /etc/adjtime ]; then + NOADJ="--noadjfile" + else + NOADJ="" + fi + + if [ "$HWCLOCKACCESS" != no ]; then + log_action_msg "Saving the system clock" + if [ "$GMT" = "-u" ]; then + GMT="--utc" + fi + if /sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --systohc $GMT $HWCLOCKPARS $BADYEAR $NOADJ; then + verbose_log_action_msg "Hardware Clock updated to `date`" + fi + else + verbose_log_action_msg "Not saving System Clock" + fi + ;; + show) + if [ ! -w /etc/adjtime ]; then + NOADJ="--noadjfile" + else + NOADJ="" + fi + + if [ "$HWCLOCKACCESS" != no ]; then + /sbin/hwclock --rtc=/dev/$HCTOSYS_DEVICE --show $GMT $HWCLOCKPARS $BADYEAR $NOADJ + fi + ;; + *) + log_success_msg "Usage: hwclock.sh {start|stop|reload|force-reload|show}" + log_success_msg " start sets kernel (system) clock from hardware (RTC) clock" + log_success_msg " stop and reload set hardware (RTC) clock from kernel (system) clock" + return 1 + ;; + esac +} + +hwclocksh "$@" diff --git a/beagle/debian-rfs/etc/init.d/killprocs b/beagle/debian-rfs/etc/init.d/killprocs new file mode 100755 index 0000000..6cb5b91 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/killprocs @@ -0,0 +1,62 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: killprocs +# Required-Start: $local_fs +# Required-Stop: +# Default-Start: 1 +# Default-Stop: +# Short-Description: executed by init(8) upon entering runlevel 1 (single). +### END INIT INFO + +PATH=/sbin:/usr/sbin:/bin:/usr/bin + +. /lib/lsb/init-functions + +do_start () { + # Kill all processes. + log_action_begin_msg "Asking all remaining processes to terminate" + killall5 -15 # SIGTERM + log_action_end_msg 0 + alldead="" + for seq in 1 2 3 4 5 6 7 8 9 10; do + # use SIGCONT/signal 18 to check if there are + # processes left. No need to check the exit code + # value, because either killall5 work and it make + # sense to wait for processes to die, or it fail and + # there is nothing to wait for. + + if killall5 -18 ; then + : + else + alldead=1 + break + fi + + sleep 1 + done + if [ -z "$alldead" ] ; then + log_action_begin_msg "Killing all remaining processes" + killall5 -9 # SIGKILL + log_action_end_msg 1 + else + log_action_begin_msg "All processes ended within $seq seconds." + log_action_end_msg 0 + fi +} + +case "$1" in + start) + do_start + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + *) + echo "Usage: $0 start|stop" >&2 + exit 3 + ;; +esac diff --git a/beagle/debian-rfs/etc/init.d/mountall-bootclean.sh b/beagle/debian-rfs/etc/init.d/mountall-bootclean.sh new file mode 100755 index 0000000..38c0191 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/mountall-bootclean.sh @@ -0,0 +1,31 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: mountall-bootclean +# Required-Start: mountall +# Required-Stop: +# Default-Start: S +# Default-Stop: +# Short-Description: bootclean after mountall. +# Description: Clean temporary filesystems after +# all local filesystems have been mounted. +### END INIT INFO + +case "$1" in + start|"") + # Clean /tmp, /var/lock, /var/run + . /lib/init/bootclean.sh + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + *) + echo "Usage: mountall-bootclean.sh [start|stop]" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/mountall.sh b/beagle/debian-rfs/etc/init.d/mountall.sh new file mode 100755 index 0000000..405839c --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/mountall.sh @@ -0,0 +1,88 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: mountall +# Required-Start: checkfs +# Required-Stop: +# Default-Start: S +# Default-Stop: +# Short-Description: Mount all filesystems. +# Description: +### END INIT INFO + +PATH=/sbin:/bin +. /lib/init/vars.sh + +. /lib/lsb/init-functions +. /lib/init/mount-functions.sh +. /lib/init/swap-functions.sh + +# for ntfs-3g to get correct file name encoding +if [ -r /etc/default/locale ]; then + . /etc/default/locale + export LANG +fi + +do_start() { + # + # Mount local file systems in /etc/fstab. + # + mount_all_local() { + mount -a -t nonfs,nfs4,smbfs,cifs,ncp,ncpfs,coda,ocfs2,gfs,gfs2 \ + -O no_netdev + } + pre_mountall + if [ "$VERBOSE" = no ] + then + log_action_begin_msg "Mounting local filesystems" + mount_all_local + log_action_end_msg $? + else + log_daemon_msg "Will now mount local filesystems" + mount_all_local + log_end_msg $? + fi + post_mountall + + case "$(uname -s)" in + *FreeBSD) + INITCTL=/etc/.initctl + ;; + *) + INITCTL=/dev/initctl + ;; + esac + + # + # We might have mounted something over /dev, see if + # /dev/initctl is there. Look for /usr/share/sysvinit/update-rc.d + # to verify that sysvinit (and not upstart) is installed). + # + if [ ! -p $INITCTL ] && [ -f /usr/share/sysvinit/update-rc.d ]; then + rm -f $INITCTL + mknod -m 600 $INITCTL p + kill -USR1 1 + fi + + # Execute swapon command again, in case we want to swap to + # a file on a now mounted filesystem. + swaponagain 'swapfile' +} + +case "$1" in + start|"") + do_start + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + *) + echo "Usage: mountall.sh [start|stop]" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/mountdevsubfs.sh b/beagle/debian-rfs/etc/init.d/mountdevsubfs.sh new file mode 100755 index 0000000..1b61621 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/mountdevsubfs.sh @@ -0,0 +1,76 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: mountdevsubfs +# Required-Start: mountkernfs +# Required-Stop: +# Should-Start: udev +# Default-Start: S +# Default-Stop: +# Short-Description: Mount special file systems under /dev. +# Description: Mount the virtual filesystems the kernel provides +# that ordinarily live under the /dev filesystem. +### END INIT INFO +# +# This script gets called multiple times during boot +# + +PATH=/sbin:/bin +TTYGRP=5 +TTYMODE=620 +[ -f /etc/default/devpts ] && . /etc/default/devpts + +TMPFS_SIZE= +[ -f /etc/default/tmpfs ] && . /etc/default/tmpfs + +KERNEL="$(uname -s)" + +. /lib/lsb/init-functions +. /lib/init/mount-functions.sh + +do_start () { + # + # Mount a tmpfs on /dev/shm + # + if [ ! -d /dev/shm ] + then + mkdir --mode=755 /dev/shm + [ -x /sbin/restorecon ] && /sbin/restorecon /dev/shm + fi + SHM_OPT= + [ "${SHM_SIZE:=$TMPFS_SIZE}" ] && SHM_OPT=",size=$SHM_SIZE" + domount tmpfs shmfs /dev/shm tmpfs -onosuid,nodev$SHM_OPT + + # + # Mount /dev/pts + # + if [ "$KERNEL" = Linux ] + then + if [ ! -d /dev/pts ] + then + mkdir --mode=755 /dev/pts + [ -x /sbin/restorecon ] && /sbin/restorecon /dev/pts + fi + domount devpts "" /dev/pts devpts -onoexec,nosuid,gid=$TTYGRP,mode=$TTYMODE + fi +} + +case "$1" in + "") + echo "Warning: mountdevsubfs should be called with the 'start' argument." >&2 + do_start + ;; + start) + do_start + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + *) + echo "Usage: mountdevsubfs [start|stop]" >&2 + exit 3 + ;; +esac diff --git a/beagle/debian-rfs/etc/init.d/mountkernfs.sh b/beagle/debian-rfs/etc/init.d/mountkernfs.sh new file mode 100755 index 0000000..f3222b8 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/mountkernfs.sh @@ -0,0 +1,83 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: mountkernfs +# Required-Start: +# Required-Stop: +# Should-Start: glibc +# Default-Start: S +# Default-Stop: +# Short-Description: Mount kernel virtual file systems. +# Description: Mount initial set of virtual filesystems the kernel +# provides and that are required by everything. +### END INIT INFO + +PATH=/sbin:/bin +. /lib/init/vars.sh + +. /lib/lsb/init-functions +. /lib/init/mount-functions.sh + +[ -f /etc/default/tmpfs ] && . /etc/default/tmpfs + +do_start () { + # + # Get some writable area available before the root is checked + # and remounted. + # + RW_OPT= + [ "${RW_SIZE:=$TMPFS_SIZE}" ] && RW_OPT=",size=$RW_SIZE" + domount tmpfs "" /lib/init/rw tmpfs -omode=0755,nosuid$RW_OPT + touch /lib/init/rw/.ramfs + + # Make pidfile omit directory for sendsigs + mkdir /lib/init/rw/sendsigs.omit.d/ + + # + # Mount proc filesystem on /proc + # + domount proc "" /proc proc -onodev,noexec,nosuid + + # + # Mount sysfs on /sys + # + # Only mount sysfs if it is supported (kernel >= 2.6) + if grep -E -qs "sysfs\$" /proc/filesystems + then + domount sysfs "" /sys sysfs -onodev,noexec,nosuid + fi + + # Mount /var/run and /var/lock as tmpfs if enabled + if [ yes = "$RAMRUN" ] ; then + RUN_OPT= + [ "${RUN_SIZE:=$TMPFS_SIZE}" ] && RUN_OPT=",size=$RUN_SIZE" + domount tmpfs "" /var/run varrun -omode=0755,nosuid$RUN_OPT + touch /var/run/.ramfs + fi + if [ yes = "$RAMLOCK" ] ; then + LOCK_OPT= + [ "${LOCK_SIZE:=$TMPFS_SIZE}" ] && LOCK_OPT=",size=$LOCK_SIZE" + domount tmpfs "" /var/lock varlock -omode=1777,nodev,noexec,nosuid$LOCK_OPT + touch /var/lock/.ramfs + fi +} + +case "$1" in + "") + echo "Warning: mountkernfs should be called with the 'start' argument." >&2 + do_start + ;; + start) + do_start + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + *) + echo "Usage: mountkernfs [start|stop]" >&2 + exit 3 + ;; +esac diff --git a/beagle/debian-rfs/etc/init.d/mountnfs-bootclean.sh b/beagle/debian-rfs/etc/init.d/mountnfs-bootclean.sh new file mode 100755 index 0000000..bd1a574 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/mountnfs-bootclean.sh @@ -0,0 +1,31 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: mountnfs-bootclean +# Required-Start: $local_fs mountnfs +# Required-Stop: +# Default-Start: S +# Default-Stop: +# Short-Description: bootclean after mountnfs. +# Description: Clean temporary filesystems after +# network filesystems have been mounted. +### END INIT INFO + +case "$1" in + start|"") + # Clean /tmp, /var/lock, /var/run + . /lib/init/bootclean.sh + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + *) + echo "Usage: mountnfs-bootclean.sh [start|stop]" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/mountnfs.sh b/beagle/debian-rfs/etc/init.d/mountnfs.sh new file mode 100755 index 0000000..8d07bb7 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/mountnfs.sh @@ -0,0 +1,108 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: mountnfs +# Required-Start: $local_fs +# Required-Stop: +# Should-Start: $network $portmap nfs-common udev-mtab +# Default-Start: S +# Default-Stop: +# Short-Description: Wait for network file systems to be mounted +# Description: Network file systems are mounted by +# /etc/network/if-up.d/mountnfs in the background +# when interfaces are brought up; this script waits +# for them to be mounted before carrying on. +### END INIT INFO + +. /lib/init/vars.sh +. /lib/lsb/init-functions + +do_wait_async_mount() { + [ -f /etc/fstab ] || return + # + # Read through fstab line by line. If it is NFS, set the flag + # for mounting NFS file systems. If any NFS partition is found + # then wait around for it. + # + + exec 9<&0 </etc/fstab + + waitnfs= + while read DEV MTPT FSTYPE OPTS REST + do + case "$DEV" in + ""|\#*) + continue + ;; + esac + case "$OPTS" in + noauto|*,noauto|noauto,*|*,noauto,*) + continue + ;; + esac + case "$FSTYPE" in + nfs|nfs4|smbfs|cifs|coda|ncp|ncpfs|ocfs2|gfs) + ;; + *) + continue + ;; + esac + case "$MTPT" in + /usr/local|/usr/local/*) + ;; + /usr|/usr/*) + waitnfs="$waitnfs $MTPT" + ;; + /var|/var/*) + waitnfs="$waitnfs $MTPT" + ;; + esac + done + + exec 0<&9 9<&- + + # Wait for each path, the timeout is for all of them as that's + # really the maximum time we have to wait anyway + TIMEOUT=900 + for mountpt in $waitnfs; do + log_action_begin_msg "Waiting for $mountpt" + + while ! mountpoint -q $mountpt; do + sleep 0.1 + + TIMEOUT=$(( $TIMEOUT - 1 )) + if [ $TIMEOUT -le 0 ]; then + log_action_end_msg 1 + break + fi + done + + if [ $TIMEOUT -gt 0 ]; then + log_action_end_msg 0 + fi + done +} + +case "$1" in + start) + # Using 'no !=' instead of 'yes =' to make sure async nfs + # mounting is the default even without a value in + # /etc/default/rcS + if [ no != "$ASYNCMOUNTNFS" ] ; then + do_wait_async_mount + else + FROMINITD=yes /etc/network/if-up.d/mountnfs + fi + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + ;; + *) + echo "Usage: $0 start|stop" >&2 + exit 3 + ;; +esac + +: exit 0 diff --git a/beagle/debian-rfs/etc/init.d/mountoverflowtmp b/beagle/debian-rfs/etc/init.d/mountoverflowtmp new file mode 100755 index 0000000..1b547d1 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/mountoverflowtmp @@ -0,0 +1,55 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: mountoverflowtmp +# Required-Start: mountall-bootclean +# Required-Stop: umountfs +# Default-Start: S +# Default-Stop: +# Short-Description: mount emergency /tmp. +# Description: Mount a tmpfs on /tmp if there would +# otherwise be too little space to log in. +### END INIT INFO + +. /lib/init/vars.sh +. /lib/lsb/init-functions + +set -e + +defs=/etc/default/mountoverflowtmp +test ! -f "$defs" || . "$defs" + +: ${MINTMPKB:=1024} +if test "$MINTMPKB" = "0"; then exit 0; fi + +case "$1" in + start) + [ "$VERBOSE" != no ] && log_action_begin_msg "Checking minimum space in /tmp" + df="`LC_ALL=C df -kP /tmp | grep -v Filesystem`" + set -- $df + avail="$4" + [ "$VERBOSE" != no ] && log_action_end_msg 0 + if test $avail -lt "$MINTMPKB"; then + log_action_begin_msg "Mounting emergency tmpfs on /tmp" + mount -t tmpfs -o size=1048576,mode=1777 overflow /tmp + log_action_end_msg 0 + fi + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + if LC_ALL=C mount | \ + grep '^overflow on /tmp type tmpfs' >/dev/null; then + log_action_begin_msg "Unmounting any overflow tmpfs from /tmp" + umount overflow + log_action_end_msg 0 + fi + ;; + *) + echo "Usage: mountoverflowtmp [start|stop]" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/mtab.sh b/beagle/debian-rfs/etc/init.d/mtab.sh new file mode 100755 index 0000000..d81c928 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/mtab.sh @@ -0,0 +1,180 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: mtab +# Required-Start: checkroot +# Required-Stop: +# Default-Start: S +# Default-Stop: +# Short-Description: Update mtab file. +# Description: Update the mount program's mtab file after +# all local filesystems have been mounted. +### END INIT INFO + +# +# The main purpose of this script is to update the mtab file to reflect +# the fact that virtual filesystems were mounted early on, before mtab +# was writable. +# + +PATH=/sbin:/bin +. /lib/init/vars.sh + +TTYGRP=5 +TTYMODE=620 +[ -f /etc/default/devpts ] && . /etc/default/devpts + +TMPFS_SIZE= +[ -f /etc/default/tmpfs ] && . /etc/default/tmpfs + +KERNEL="$(uname -s)" + +. /lib/lsb/init-functions +. /lib/init/mount-functions.sh + +# $1 - fstype +# $2 - mount point +# $3 - mount name/device +# $4 - mount options +domtab () +{ + # Directory present? + if [ ! -d $2 ] + then + return + fi + + # Not mounted? + if ! mountpoint -q $2 < /dev/null + then + return + fi + + if [ -n "$3" ] + then + NAME="$3" + else + NAME="$1" + fi + + # Already recorded? + if ! grep -E -sq "^([^ ]+) +$2 +" /etc/mtab < /dev/null + then + mount -f -t $1 $OPTS $4 $NAME $2 < /dev/null + fi +} + +do_start () { + DO_MTAB="" + MTAB_PATH="$(readlink -f /etc/mtab || :)" + case "$MTAB_PATH" in + /proc/*) + # Assume that /proc/ is not writable + ;; + /*) + # Only update mtab if it is known to be writable + # Note that the touch program is in /usr/bin + #if ! touch "$MTAB_PATH" >/dev/null 2>&1 + #then + # return + #fi + ;; + "") + [ -L /etc/mtab ] && MTAB_PATH="$(readlink /etc/mtab)" + if [ "$MTAB_PATH" ] + then + log_failure_msg "Cannot initialize ${MTAB_PATH}." + else + log_failure_msg "Cannot initialize /etc/mtab." + fi + ;; + *) + log_failure_msg "Illegal mtab location '${MTAB_PATH}'." + ;; + esac + + # + # Initialize mtab file if necessary + # + if [ ! -f /etc/mtab ] + then + :> /etc/mtab + chmod 644 /etc/mtab + fi + if selinux_enabled && [ -x /sbin/restorecon ] && [ -r /etc/mtab ] + then + restorecon /etc/mtab + fi + + # S02mountkernfs.sh + RW_OPT= + [ "${RW_SIZE:=$TMPFS_SIZE}" ] && RW_OPT=",size=$RW_SIZE" + domtab tmpfs /lib/init/rw tmpfs -omode=0755,nosuid$RW_OPT + + domtab proc /proc "proc" -onodev,noexec,nosuid + if grep -E -qs "sysfs\$" /proc/filesystems + then + domtab sysfs /sys sysfs -onodev,noexec,nosuid + fi + if [ yes = "$RAMRUN" ] ; then + RUN_OPT= + [ "${RUN_SIZE:=$TMPFS_SIZE}" ] && RUN_OPT=",size=$RUN_SIZE" + domtab tmpfs /var/run "varrun" -omode=0755,nosuid$RUN_OPT + fi + if [ yes = "$RAMLOCK" ] ; then + LOCK_OPT= + [ "${LOCK_SIZE:=$TMPFS_SIZE}" ] && LOCK_OPT=",size=$LOCK_SIZE" + domtab tmpfs /var/lock "varlock" -omode=1777,nodev,noexec,nosuid$LOCK_OPT + fi + if [ -d /proc/bus/usb ] + then + domtab usbfs /proc/bus/usb "procbususb" + fi + + # S03udev + domtab tmpfs /dev "udev" -omode=0755 + + # S04mountdevsubfs + SHM_OPT= + [ "${SHM_SIZE:=$TMPFS_SIZE}" ] && SHM_OPT=",size=$SHM_SIZE" + domtab tmpfs /dev/shm tmpfs -onosuid,nodev$SHM_OPT + domtab devpts /dev/pts "devpts" -onoexec,nosuid,gid=$TTYGRP,mode=$TTYMODE + + # Add everything else in /proc/mounts into /etc/mtab, with + # special exceptions. + exec 9<&0 0</proc/mounts + while read FDEV FDIR FTYPE FOPTS REST + do + case "$FDIR" in + /lib/modules/*/volatile) + FDEV="lrm" + ;; + /dev/.static/dev) + # Not really useful to show in 'df', + # and it isn't accessible for non-root + # users. + continue + ;; + esac + domtab "$FTYPE" "$FDIR" "$FDEV" "-o$FOPTS" + done + exec 0<&9 9<&- +} + +case "$1" in + start|"") + do_start + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + *) + echo "Usage: mountall-mtab.sh [start|stop]" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/rc b/beagle/debian-rfs/etc/init.d/rc new file mode 100755 index 0000000..fdb8ac7 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/rc @@ -0,0 +1,338 @@ +#! /bin/sh +# +# rc +# +# Starts/stops services on runlevel changes. +# +# Optimization: A start script is not run when the service was already +# configured to run in the previous runlevel. A stop script is not run +# when the the service was already configured not to run in the previous +# runlevel. +# +# Authors: +# Miquel van Smoorenburg <miquels@cistron.nl> +# Bruce Perens <Bruce@Pixar.com> + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +export PATH + +# Un-comment the following for interactive debugging. Do not un-comment +# this for debugging a real boot process as no scripts will be executed. +# debug=echo + +# Specify method used to enable concurrent init.d scripts. +# Valid options are 'none' and 'makefile'. Obsolete options +# used earlier are 'shell' and 'startpar'. The obsolete options +# are aliases for 'makefile' since 2010-05-14. The default since +# the same date is 'makefile', as the init.d scripts in Debian now +# include dependency information and are ordered using this +# information. See insserv for information on dependency based +# boot sequencing. +CONCURRENCY=makefile + +# Make sure the name survive changing the argument list +scriptname="$0" + +umask 022 + +on_exit() { + echo "error: '$scriptname' exited outside the expected code flow." +} +trap on_exit EXIT # Enable emergency handler + +# Ignore CTRL-C only in this shell, so we can interrupt subprocesses. +trap ":" INT QUIT TSTP + +# Set onlcr to avoid staircase effect. +stty onlcr 0>&1 + +# Functions for splash progress bars +if [ -e /lib/init/splash-functions-base ] ; then + . /lib/init/splash-functions-base +else + # Quiet down script if old initscripts version without /lib/init/splash-functions-base is used. + splash_progress() { return 1; } + splash_stop() { return 1; } +fi + +# Now find out what the current and what the previous runlevel are. + +runlevel=$RUNLEVEL +# Get first argument. Set new runlevel to this argument. +[ "$1" != "" ] && runlevel=$1 +if [ "$runlevel" = "" ] +then + echo "Usage: $scriptname <runlevel>" >&2 + exit 1 +fi +previous=$PREVLEVEL +[ "$previous" = "" ] && previous=N + +export runlevel previous + +if [ -f /etc/default/rcS ] ; then + . /etc/default/rcS +fi +export VERBOSE + +if [ -f /lib/lsb/init-functions ] ; then + . /lib/lsb/init-functions +else + log_action_msg() { echo $@; } + log_failure_msg() { echo $@; } + log_warning_msg() { echo $@; } +fi + +# +# Stub to do progress bar ticks (for splash programs) on startup +# +startup_progress() { + # Avoid divide by zero if anyone moved xdm/kdm/gdm first in a runlevel. + if [ 0 -eq "$num_steps" ] ; then return; fi + + step=$(($step + $step_change)) + progress=$(($step * $progress_size / $num_steps + $first_step)) + $debug splash_progress "$progress" || true +} + +# +# Check if we are able to use make like booting. It require the +# insserv package to be enabled. Boot concurrency also requires +# startpar to be installed. +# +if [ "none" != "$CONCURRENCY" ] ; then + test -s /etc/init.d/.depend.boot || CONCURRENCY="none" + test -s /etc/init.d/.depend.start || CONCURRENCY="none" + test -s /etc/init.d/.depend.stop || CONCURRENCY="none" + if test -e /etc/init.d/.legacy-bootordering ; then + CONCURRENCY="none" + fi + startpar -v > /dev/null 2>&1 || CONCURRENCY="none" +fi + +# +# Start script or program. +# +case "$CONCURRENCY" in + makefile|startpar|shell) # startpar and shell are obsolete + CONCURRENCY=makefile + log_action_msg "Using makefile-style concurrent boot in runlevel $runlevel" + # The splash API is not handled with this CONCURRENCY mode. + # It need to be implented in startpar. Until that is done + # stop the splash screen before starting services, to avoid + # usplash and X to confuse each other during boot. + startup() { + if [ start = "$1" ] || [ boot = "$1" ] + then + $debug splash_stop || true + fi + eval "$(startpar -p 4 -t 20 -T 3 -M $1 -P $previous -R $runlevel)" + + if [ -n "$failed_service" ] + then + log_failure_msg "startpar: service(s) returned failure: $failed_service" + fi + + if [ -n "$skipped_service" ] + then + log_warning_msg "startpar: service(s) skipped: $skipped_service" + fi + + unset failed_service skipped_service + } + ;; + none|*) + startup() { + action=$1 + shift + scripts="$@" + for script in $scripts ; do + $debug "$script" $action + startup_progress + done + } + ;; +esac + +# Check if the splash screen should be stopped before the given +# script. +is_splash_stop_scripts() { + scriptname=$1 + case "$scriptname" in + # killprocs is used in runlevel 1 + gdm|xdm|kdm|ltsp-client|ltsp-client-core|reboot|halt|killprocs) + return 0 + ;; + esac + return 1 +} + +# Is there an rc directory for this new runlevel? +if [ -d /etc/rc$runlevel.d ] +then + # Find out where in the progress bar the initramfs got to. + PROGRESS_STATE=0 + if [ -f /dev/.initramfs/progress_state ]; then + . /dev/.initramfs/progress_state + fi + + # Split the remaining portion of the progress bar into thirds + progress_size=$(((100 - $PROGRESS_STATE) / 3)) + + case "$runlevel" in + 0|6) + ACTION=stop + # Count down from 0 to -100 and use the entire bar + first_step=0 + progress_size=100 + step_change=-1 + ;; + S) + ACTION=start + # Begin where the initramfs left off and use 2/3 + # of the remaining space + first_step=$PROGRESS_STATE + progress_size=$(($progress_size * 2)) + step_change=1 + ;; + *) + ACTION=start + # Begin where rcS left off and use the final 1/3 of + # the space (by leaving progress_size unchanged) + first_step=$(($progress_size * 2 + $PROGRESS_STATE)) + step_change=1 + ;; + esac + + # Count the number of scripts we need to run + # (for progress bars) + num_steps=0 + for s in /etc/rc$runlevel.d/[SK]*; do + if is_splash_stop_scripts "${s##/etc/rc$runlevel.d/S??}" ; then + break + fi + num_steps=$(($num_steps + 1)) + done + step=0 + + # First, run the KILL scripts. + if [ makefile = "$CONCURRENCY" ] + then + if [ "$ACTION" = "start" ] && [ "$previous" != N ] + then + startup stop + fi + elif [ "$previous" != N ] + then + # Run all scripts with the same level in parallel + CURLEVEL="" + for s in /etc/rc$runlevel.d/K* + do + # Extract order value from symlink + level=${s#/etc/rc$runlevel.d/K} + level=${level%%[a-zA-Z]*} + if [ "$level" = "$CURLEVEL" ] + then + continue + fi + CURLEVEL=$level + SCRIPTS="" + for i in /etc/rc$runlevel.d/K$level* + do + # Check if the script is there. + [ ! -f $i ] && continue + + # + # Find stop script in previous runlevel but + # no start script there. + # + suffix=${i#/etc/rc$runlevel.d/K[0-9][0-9]} + previous_stop=/etc/rc$previous.d/K[0-9][0-9]$suffix + previous_start=/etc/rc$previous.d/S[0-9][0-9]$suffix + # + # If there is a stop script in the previous level + # and _no_ start script there, we don't + # have to re-stop the service. + # + [ -f $previous_stop ] && [ ! -f $previous_start ] && continue + + # Stop the service. + SCRIPTS="$SCRIPTS $i" + if is_splash_stop_scripts "$suffix" ; then + $debug splash_stop || true + fi + done + startup stop $SCRIPTS + done + fi + + if [ makefile = "$CONCURRENCY" ] + then + if [ S = "$runlevel" ] + then + startup boot + else + startup $ACTION + fi + else + # Now run the START scripts for this runlevel. + # Run all scripts with the same level in parallel + CURLEVEL="" + for s in /etc/rc$runlevel.d/S* + do + # Extract order value from symlink + level=${s#/etc/rc$runlevel.d/S} + level=${level%%[a-zA-Z]*} + if [ "$level" = "$CURLEVEL" ] + then + continue + fi + CURLEVEL=$level + SCRIPTS="" + for i in /etc/rc$runlevel.d/S$level* + do + [ ! -f $i ] && continue + + suffix=${i#/etc/rc$runlevel.d/S[0-9][0-9]} + if [ "$previous" != N ] + then + # + # Find start script in previous runlevel and + # stop script in this runlevel. + # + stop=/etc/rc$runlevel.d/K[0-9][0-9]$suffix + previous_start=/etc/rc$previous.d/S[0-9][0-9]$suffix + # + # If there is a start script in the previous level + # and _no_ stop script in this level, we don't + # have to re-start the service. + # + if [ start = "$ACTION" ] ; then + [ -f $previous_start ] && [ ! -f $stop ] && continue + else + # Workaround for the special + # handling of runlevels 0 and 6. + previous_stop=/etc/rc$previous.d/K[0-9][0-9]$suffix + # + # If there is a stop script in the previous level + # and _no_ start script there, we don't + # have to re-stop the service. + # + [ -f $previous_stop ] && [ ! -f $previous_start ] && continue + fi + + fi + SCRIPTS="$SCRIPTS $i" + if is_splash_stop_scripts "$suffix" ; then + $debug splash_stop || true + fi + done + startup $ACTION $SCRIPTS + done + fi +fi + +trap - EXIT # Disable emergency handler + +exit 0 + diff --git a/beagle/debian-rfs/etc/init.d/rc.local b/beagle/debian-rfs/etc/init.d/rc.local new file mode 100755 index 0000000..5033c7e --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/rc.local @@ -0,0 +1,41 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: rc.local +# Required-Start: $remote_fs $syslog $all +# Required-Stop: +# Default-Start: 2 3 4 5 +# Default-Stop: +# Short-Description: Run /etc/rc.local if it exist +### END INIT INFO + + +PATH=/sbin:/usr/sbin:/bin:/usr/bin + +. /lib/init/vars.sh +. /lib/lsb/init-functions + +do_start() { + if [ -x /etc/rc.local ]; then + [ "$VERBOSE" != no ] && log_begin_msg "Running local boot scripts (/etc/rc.local)" + /etc/rc.local + ES=$? + [ "$VERBOSE" != no ] && log_end_msg $ES + return $ES + fi +} + +case "$1" in + start) + do_start + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + ;; + *) + echo "Usage: $0 start|stop" >&2 + exit 3 + ;; +esac diff --git a/beagle/debian-rfs/etc/init.d/rcS b/beagle/debian-rfs/etc/init.d/rcS new file mode 100755 index 0000000..546b724 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/rcS @@ -0,0 +1,8 @@ +#! /bin/sh +# +# rcS +# +# Call all S??* scripts in /etc/rcS.d/ in numerical/alphabetical order +# + +exec /etc/init.d/rc S diff --git a/beagle/debian-rfs/etc/init.d/reboot b/beagle/debian-rfs/etc/init.d/reboot new file mode 100755 index 0000000..af59a80 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/reboot @@ -0,0 +1,38 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: reboot +# Required-Start: +# Required-Stop: +# Default-Start: +# Default-Stop: 6 +# Short-Description: Execute the reboot command. +# Description: +### END INIT INFO + +PATH=/sbin:/usr/sbin:/bin:/usr/bin + +. /lib/lsb/init-functions + +do_stop () { + # Message should end with a newline since kFreeBSD may + # print more stuff (see #323749) + log_action_msg "Will now restart" + reboot -d -f -i +} + +case "$1" in + start) + # No-op + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + do_stop + ;; + *) + echo "Usage: $0 start|stop" >&2 + exit 3 + ;; +esac diff --git a/beagle/debian-rfs/etc/init.d/rmnologin b/beagle/debian-rfs/etc/init.d/rmnologin new file mode 100755 index 0000000..62cb6fa --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/rmnologin @@ -0,0 +1,59 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: rmnologin +# Required-Start: $remote_fs $all +# Required-Stop: +# Default-Start: 2 3 4 5 +# Default-Stop: +# Short-Description: Remove /etc/nologin at boot +# Description: This script removes the /etc/nologin file as the +# last step in the boot process, if DELAYLOGIN=yes. +# If DELAYLOGIN=no, /etc/nologin was not created by +# bootmisc earlier in the boot process. +### END INIT INFO + +PATH=/sbin:/bin +[ "$DELAYLOGIN" ] || DELAYLOGIN=yes +. /lib/init/vars.sh + +do_start () { + # + # If login delaying is enabled then remove the flag file + # + case "$DELAYLOGIN" in + Y*|y*) + rm -f /var/lib/initscripts/nologin + ;; + esac +} + +do_status () { + if [ ! -f /var/lib/initscripts/nologin ] ; then + return 0 + else + return 4 + fi +} + +case "$1" in + start) + do_start + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + status) + do_status + exit $? + ;; + *) + echo "Usage: $0 start|stop" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/sendsigs b/beagle/debian-rfs/etc/init.d/sendsigs new file mode 100755 index 0000000..f5c33c5 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/sendsigs @@ -0,0 +1,126 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: sendsigs +# Required-Start: +# Required-Stop: umountnfs +# Default-Start: +# Default-Stop: 0 6 +# Short-Description: Kill all remaining processes. +# Description: +### END INIT INFO + +PATH=/sbin:/usr/sbin:/bin:/usr/bin + +. /lib/lsb/init-functions + +# Make it possible to see who the misbehaving processes are +report_unkillable() { + if [ -x /usr/bin/pstree ] ; then + echo "Currently running processes (pstree):" + pstree + elif [ -x /bin/ps ] ; then + echo "Currently running processes (ps):" + ps -ef + fi +} + +do_stop () { + OMITPIDS= + + # The /var/run/sendsigs.omit file is used to be compatible + # with Ubuntu. + for omitfile in /var/run/sendsigs.omit /lib/init/rw/sendsigs.omit; do + if [ -e $omitfile ]; then + for pid in $(cat $omitfile); do + OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid" + done + fi + done + + # Load sendsigs.omit.d/packagename files too, to make it + # possible for scripts that need to modify the list of pids at + # run time without race conditions. + if [ -d /lib/init/rw/sendsigs.omit.d/ ]; then + for pidfile in /lib/init/rw/sendsigs.omit.d/*; do + [ -f "$pidfile" ] || continue + for pid in $(cat $pidfile); do + OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid" + done + done + fi + + # Upstart jobs have their own "stop on" clauses that sends + # SIGTERM/SIGKILL just like this, so if they're still running, + # they're supposed to be + if [ -x /sbin/initctl ]; then + for pid in $(initctl list | sed -n -e "/process [0-9]/s/.*process //p"); do + OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid" + done + fi + + # Flush the kernel I/O buffer before we start to kill + # processes, to make sure the IO of already stopped services to + # not slow down the remaining processes to a point where they + # are accidentily killed with SIGKILL because they did not + # manage to shut down in time. + sync + + # Kill all processes. + log_action_begin_msg "Asking all remaining processes to terminate" + killall5 -15 $OMITPIDS # SIGTERM + log_action_end_msg 0 + alldead="" + for seq in 1 2 3 4 5 6 7 8 9 10; do + # use SIGCONT/signal 18 to check if there are + # processes left. No need to check the exit code + # value, because either killall5 work and it make + # sense to wait for processes to die, or it fail and + # there is nothing to wait for. + + # did an upstart job start since we last polled initctl? check + # again on each loop and add any new jobs (e.g., plymouth) to + # the list. If we did miss one starting up, this beats waiting + # 10 seconds before shutting down. + if [ -x /sbin/initctl ]; then + for pid in $(initctl list | sed -n -e "/process [0-9]/s/.*process //p"); do + OMITPIDS="${OMITPIDS:+$OMITPIDS }-o $pid" + done + fi + if killall5 -18 $OMITPIDS ; then + : + else + alldead=1 + break + fi + + sleep 1 + done + if [ -z "$alldead" ] ; then + report_unkillable + log_action_begin_msg "Killing all remaining processes" + killall5 -9 $OMITPIDS # SIGKILL + log_action_end_msg 1 + else + log_action_begin_msg "All processes ended within $seq seconds." + log_action_end_msg 0 + fi +} + +case "$1" in + start) + # No-op + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + do_stop + ;; + *) + echo "Usage: $0 start|stop" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/single b/beagle/debian-rfs/etc/init.d/single new file mode 100755 index 0000000..3379102 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/single @@ -0,0 +1,35 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: single +# Required-Start: $local_fs $all killprocs +# Required-Stop: +# Default-Start: 1 +# Default-Stop: +# Short-Description: executed by init(8) upon entering runlevel 1 (single). +### END INIT INFO + +PATH=/sbin:/bin + +. /lib/lsb/init-functions + +do_start () { + log_action_msg "Will now switch to single-user mode" + exec init -t1 S +} + +case "$1" in + start) + do_start + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + # No-op + ;; + *) + echo "Usage: $0 start|stop" >&2 + exit 3 + ;; +esac diff --git a/beagle/debian-rfs/etc/init.d/skeleton b/beagle/debian-rfs/etc/init.d/skeleton new file mode 100644 index 0000000..dac9480 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/skeleton @@ -0,0 +1,159 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: skeleton +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Example initscript +# Description: This file should be used to construct scripts to be +# placed in /etc/init.d. +### END INIT INFO + +# Author: Foo Bar <foobar@baz.org> +# +# Please remove the "Author" lines above and replace them +# with your own name if you copy and modify this script. + +# Do NOT "set -e" + +# PATH should only include /usr/* if it runs after the mountnfs.sh script +PATH=/sbin:/usr/sbin:/bin:/usr/bin +DESC="Description of the service" +NAME=daemonexecutablename +DAEMON=/usr/sbin/$NAME +DAEMON_ARGS="--options args" +PIDFILE=/var/run/$NAME.pid +SCRIPTNAME=/etc/init.d/$NAME + +# Exit if the package is not installed +[ -x "$DAEMON" ] || exit 0 + +# Read configuration variable file if it is present +[ -r /etc/default/$NAME ] && . /etc/default/$NAME + +# Load the VERBOSE setting and other rcS variables +. /lib/init/vars.sh + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.2-14) to ensure that this file is present +# and status_of_proc is working. +. /lib/lsb/init-functions + +# +# Function that starts the daemon/service +# +do_start() +{ + # Return + # 0 if daemon has been started + # 1 if daemon was already running + # 2 if daemon could not be started + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \ + || return 1 + start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \ + $DAEMON_ARGS \ + || return 2 + # Add code here, if necessary, that waits for the process to be ready + # to handle requests from services started subsequently which depend + # on this one. As a last resort, sleep for some time. +} + +# +# Function that stops the daemon/service +# +do_stop() +{ + # Return + # 0 if daemon has been stopped + # 1 if daemon was already stopped + # 2 if daemon could not be stopped + # other if a failure occurred + start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME + RETVAL="$?" + [ "$RETVAL" = 2 ] && return 2 + # Wait for children to finish too if this is a daemon that forks + # and if the daemon is only ever run from this initscript. + # If the above conditions are not satisfied then add some other code + # that waits for the process to drop all resources that could be + # needed by services started subsequently. A last resort is to + # sleep for some time. + start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON + [ "$?" = 2 ] && return 2 + # Many daemons don't delete their pidfiles when they exit. + rm -f $PIDFILE + return "$RETVAL" +} + +# +# Function that sends a SIGHUP to the daemon/service +# +do_reload() { + # + # If the daemon can reload its configuration without + # restarting (for example, when it is sent a SIGHUP), + # then implement that here. + # + start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME + return 0 +} + +case "$1" in + start) + [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME" + do_start + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + stop) + [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME" + do_stop + case "$?" in + 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;; + 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;; + esac + ;; + status) + status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $? + ;; + #reload|force-reload) + # + # If do_reload() is not implemented then leave this commented out + # and leave 'force-reload' as an alias for 'restart'. + # + #log_daemon_msg "Reloading $DESC" "$NAME" + #do_reload + #log_end_msg $? + #;; + restart|force-reload) + # + # If the "reload" option is implemented then remove the + # 'force-reload' alias + # + log_daemon_msg "Restarting $DESC" "$NAME" + do_stop + case "$?" in + 0|1) + do_start + case "$?" in + 0) log_end_msg 0 ;; + 1) log_end_msg 1 ;; # Old process is still running + *) log_end_msg 1 ;; # Failed to start + esac + ;; + *) + # Failed to stop + log_end_msg 1 + ;; + esac + ;; + *) + #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 + echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/stop-bootlogd b/beagle/debian-rfs/etc/init.d/stop-bootlogd new file mode 100755 index 0000000..1797b7d --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/stop-bootlogd @@ -0,0 +1,33 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: stop-bootlogd +# Required-Start: $local_fs $all +# Required-Stop: +# Default-Start: 2 3 4 5 +# Default-Stop: +# Short-Description: Stop bootlogd +# Description: See the init.d/bootlogd script +### END INIT INFO + +NAME=stop-bootlogd +DAEMON=/sbin/bootlogd + +[ -x "$DAEMON" ] || exit 0 + +case "$1" in + start) + /etc/init.d/bootlogd stop + ;; + stop|restart|force-reload) + # No-op + ;; + status) + exec /etc/init.d/bootlogd status + ;; + *) + echo "Usage: $NAME {start|stop|restart|force-reload}" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/stop-bootlogd-single b/beagle/debian-rfs/etc/init.d/stop-bootlogd-single new file mode 100755 index 0000000..2e76f16 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/stop-bootlogd-single @@ -0,0 +1,51 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: stop-bootlogd-single +# Required-Start: $local_fs $all +# Required-Stop: +# Default-Start: S +# Default-Stop: +# Short-Description: Stop bootlogd in single user mode +# Description: See the init.d/bootlogd script +### END INIT INFO +# +# This has to run in the boot sequence (rcS.d), and not in the "single +# user" sequence (rc1.d), because rc1.d/ is not used when booting into +# single user. "grep :[S1]: /etc/inittab" show that single user is just +# a call to /sbin/sulogin, while runlevel 1 is a call to +# "/etc/init.d/rc 1" which in the end switches to runlevel S to run +# /sbin/sulogin. + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +NAME=stop-bootlogd-single +DAEMON=/sbin/bootlogd + +[ -x "$DAEMON" ] || exit 0 + +case "$1" in + start) + single=false + for word in $(cat /proc/cmdline); do + case "$word" in + S|single|1) + single=true + ;; + esac + done + if [ true = "$single" ] ; then + /etc/init.d/bootlogd stop + fi + ;; + stop|restart|force-reload) + # No-op + ;; + status) + exec /etc/init.d/bootlogd status + ;; + *) + echo "Usage: $NAME {start|stop|restart|force-reload}" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/umountfs b/beagle/debian-rfs/etc/init.d/umountfs new file mode 100755 index 0000000..7df5e3f --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/umountfs @@ -0,0 +1,144 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: umountfs +# Required-Start: +# Required-Stop: umountroot +# Default-Start: +# Default-Stop: 0 6 +# Short-Description: Turn off swap and unmount all local file systems. +# Description: +### END INIT INFO + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +. /lib/init/vars.sh + +. /lib/lsb/init-functions + +umask 022 + +do_stop () { + exec 9<&0 </proc/mounts + + PROTECTED_MOUNTS="$(sed -n '0,/^\/[^ ]* \/ /p' /proc/mounts)" + WEAK_MTPTS="" # be gentle, don't use force + REG_MTPTS="" + TMPFS_MTPTS="" + while read -r DEV MTPT FSTYPE REST + do + echo "$PROTECTED_MOUNTS" | grep -qs "^$DEV $MTPT " && continue + case "$MTPT" in + /|/proc|/dev|/.dev|/dev/pts|/dev/shm|/dev/.static/dev|/proc/*|/sys|/sys/*|/lib/init/rw) + continue + ;; + /var/run) + if [ yes = "$RAMRUN" ] ; then + continue + fi + ;; + /var/lock) + if [ yes = "$RAMLOCK" ] ; then + continue + fi + ;; + esac + case "$FSTYPE" in + proc|procfs|linprocfs|sysfs|usbfs|usbdevfs|devpts) + continue + ;; + tmpfs) + TMPFS_MTPTS="$MTPT $TMPFS_MTPTS" + ;; + *) + if echo "$PROTECTED_MOUNTS" | grep -qs "^$DEV "; then + WEAK_MTPTS="$MTPT $WEAK_MTPTS" + else + REG_MTPTS="$MTPT $REG_MTPTS" + fi + ;; + esac + done + + exec 0<&9 9<&- + + # + # Make sure tmpfs file systems are umounted before turning off + # swap, to avoid running out of memory if the tmpfs filesystems + # use a lot of space. + # + if [ "$TMPFS_MTPTS" ] + then + if [ "$VERBOSE" = no ] + then + log_action_begin_msg "Unmounting temporary filesystems" + fstab-decode umount $TMPFS_MTPTS + log_action_end_msg $? + else + log_daemon_msg "Will now unmount temporary filesystems" + fstab-decode umount -v $TMPFS_MTPTS + log_end_msg $? + fi + fi + + # + # Deactivate swap + # + if [ "$VERBOSE" = no ] + then + log_action_begin_msg "Deactivating swap" + swapoff -a >/dev/null + log_action_end_msg $? + else + log_daemon_msg "Will now deactivate swap" + swapoff -a -v + log_end_msg $? + fi + + # + # Unmount local filesystems + # + if [ "$WEAK_MTPTS" ]; then + # Do not use -f umount option for WEAK_MTPTS + if [ "$VERBOSE" = no ] + then + log_action_begin_msg "Unmounting weak filesystems" + fstab-decode umount -r -d $WEAK_MTPTS + log_action_end_msg $? + else + log_daemon_msg "Will now unmount weak filesystems" + fstab-decode umount -v -r -d $WEAK_MTPTS + log_end_msg $? + fi + fi + if [ "$REG_MTPTS" ] + then + if [ "$VERBOSE" = no ] + then + log_action_begin_msg "Unmounting local filesystems" + fstab-decode umount -f -r -d $REG_MTPTS + log_action_end_msg $? + else + log_daemon_msg "Will now unmount local filesystems" + fstab-decode umount -f -v -r -d $REG_MTPTS + log_end_msg $? + fi + fi +} + +case "$1" in + start) + # No-op + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + do_stop + ;; + *) + echo "Usage: $0 start|stop" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/umountnfs.sh b/beagle/debian-rfs/etc/init.d/umountnfs.sh new file mode 100755 index 0000000..55fa96f --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/umountnfs.sh @@ -0,0 +1,108 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: umountnfs +# Required-Start: +# Required-Stop: umountfs +# Should-Stop: $network $portmap nfs-common +# Default-Start: +# Default-Stop: 0 6 +# Short-Description: Unmount all network filesystems except the root fs. +# Description: Also unmounts all virtual filesystems (proc, +# devpts, usbfs, sysfs) that are not mounted at the +# top level. +### END INIT INFO + +PATH=/sbin:/usr/sbin:/bin:/usr/bin +KERNEL="$(uname -s)" +RELEASE="$(uname -r)" +. /lib/init/vars.sh + +. /lib/lsb/init-functions + +case "${KERNEL}:${RELEASE}" in + Linux:[01].*|Linux:2.[01].*) + FLAGS="" + ;; + Linux:2.[23].*|Linux:2.4.?|Linux:2.4.?-*|Linux:2.4.10|Linux:2.4.10-*) + FLAGS="-f" + ;; + *) + FLAGS="-f -l" + ;; +esac + +do_stop () { + # Write a reboot record to /var/log/wtmp before unmounting + halt -w + + # Remove bootclean flag files (precaution against symlink attacks) + rm -f /tmp/.clean /var/lock/.clean /var/run/.clean + + # + # Make list of points to unmount in reverse order of their creation + # + + exec 9<&0 </etc/mtab + + DIRS="" + while read -r DEV MTPT FSTYPE OPTS REST + do + case "$MTPT" in + /|/proc|/dev|/dev/pts|/dev/shm|/proc/*|/sys|/lib/init/rw) + continue + ;; + /var/run) + if [ yes = "$RAMRUN" ] ; then + continue + fi + ;; + /var/lock) + if [ yes = "$RAMLOCK" ] ; then + continue + fi + ;; + esac + case "$FSTYPE" in + nfs|nfs4|smbfs|ncp|ncpfs|cifs|coda|ocfs2|gfs) + DIRS="$MTPT $DIRS" + ;; + proc|procfs|linprocfs|devpts|usbfs|usbdevfs|sysfs) + DIRS="$MTPT $DIRS" + ;; + esac + case "$OPTS" in + _netdev|*,_netdev|_netdev,*|*,_netdev,*) + DIRS="$MTPT $DIRS" + ;; + esac + done + + exec 0<&9 9<&- + + if [ "$DIRS" ] + then + [ "$VERBOSE" = no ] || log_action_begin_msg "Unmounting remote and non-toplevel virtual filesystems" + fstab-decode umount $FLAGS $DIRS + ES=$? + [ "$VERBOSE" = no ] || log_action_end_msg $ES + fi +} + +case "$1" in + start) + # No-op + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop|"") + do_stop + ;; + *) + echo "Usage: umountnfs.sh [start|stop]" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/umountroot b/beagle/debian-rfs/etc/init.d/umountroot new file mode 100755 index 0000000..51c4eb8 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/umountroot @@ -0,0 +1,57 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: umountroot +# Required-Start: +# Required-Stop: +# Should-Stop: halt reboot kexec +# Default-Start: +# Default-Stop: 0 6 +# Short-Description: Mount the root filesystem read-only. +### END INIT INFO + +PATH=/sbin:/bin +. /lib/init/vars.sh + +. /lib/lsb/init-functions + +do_stop () { + [ "$VERBOSE" = no ] || log_action_begin_msg "Mounting root filesystem read-only" + # These directories must exist on the root filesystem as they are + # targets for system mountpoints. We've just unmounted all other + # filesystems, so either they are mounted now (in which case the + # mount point exists) or we can make the mountpoint. + for dir in /proc /sys /var/run /var/lock; do + mkdir -p $dir || true + done + + MOUNT_FORCE_OPT= + [ "$(uname -s)" = "GNU/kFreeBSD" ] && MOUNT_FORCE_OPT=-f + # This: + # mount -n -o remount,ro / + # will act on a bind mount of / if there is one. + # See #339023 and the comment in checkroot.sh + mount $MOUNT_FORCE_OPT -n -o remount,ro -t dummytype dummydev / 2>/dev/null \ + || mount $MOUNT_FORCE_OPT -n -o remount,ro dummydev / 2>/dev/null \ + || mount $MOUNT_FORCE_OPT -n -o remount,ro / + ES=$? + [ "$VERBOSE" = no ] || log_action_end_msg $ES +} + +case "$1" in + start) + # No-op + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + stop) + do_stop + ;; + *) + echo "Usage: $0 start|stop" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/init.d/urandom b/beagle/debian-rfs/etc/init.d/urandom new file mode 100755 index 0000000..bb28a07 --- /dev/null +++ b/beagle/debian-rfs/etc/init.d/urandom @@ -0,0 +1,79 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: urandom +# Required-Start: $local_fs +# Required-Stop: $local_fs +# Default-Start: S +# Default-Stop: 0 6 +# Short-Description: Save and restore random seed between restarts. +# Description: This script saves the random seed between restarts. +# It is called from the boot, halt and reboot scripts. +### END INIT INFO + +[ -c /dev/urandom ] || exit 0 + +PATH=/sbin:/bin +SAVEDFILE=/var/lib/urandom/random-seed +POOLSIZE=512 +[ -f /proc/sys/kernel/random/poolsize ] && POOLSIZE="$(cat /proc/sys/kernel/random/poolsize)" +. /lib/init/vars.sh + +. /lib/lsb/init-functions + +do_status () { + if [ -f $SAVEDFILE ] ; then + return 0 + else + return 4 + fi +} + +case "$1" in + start|"") + [ "$VERBOSE" = no ] || log_action_begin_msg "Initializing random number generator" + # Load and then save $POOLSIZE bytes, + # which is the size of the entropy pool + if [ -f "$SAVEDFILE" ] + then + # Handle locally increased pool size + set -- $(LC_ALL=C ls -l "$SAVEDFILE") + SAVEDSIZE="$5" + if [ "$SAVEDSIZE" -gt "$POOLSIZE" ] + then + [ -w /proc/sys/kernel/random/poolsize ] && echo $POOLSIZE > /proc/sys/kernel/random/poolsize + POOLSIZE=$SAVEDSIZE + fi + cat "$SAVEDFILE" >/dev/urandom + fi + rm -f $SAVEDFILE + # Hm, why is the saved pool re-created at boot? [pere 2009-09-03] + umask 077 + dd if=/dev/urandom of=$SAVEDFILE bs=$POOLSIZE count=1 >/dev/null 2>&1 + ES=$? + umask 022 + [ "$VERBOSE" = no ] || log_action_end_msg $ES + ;; + stop) + # Carry a random seed from shut-down to start-up; + # see documentation in linux/drivers/char/random.c + [ "$VERBOSE" = no ] || log_action_begin_msg "Saving random seed" + umask 077 + dd if=/dev/urandom of=$SAVEDFILE bs=$POOLSIZE count=1 >/dev/null 2>&1 + ES=$? + [ "$VERBOSE" = no ] || log_action_end_msg $ES + ;; + status) + do_status + exit $? + ;; + restart|reload|force-reload) + echo "Error: argument '$1' not supported" >&2 + exit 3 + ;; + *) + echo "Usage: urandom start|stop" >&2 + exit 3 + ;; +esac + +: diff --git a/beagle/debian-rfs/etc/insserv.conf b/beagle/debian-rfs/etc/insserv.conf new file mode 100644 index 0000000..e8d1a7b --- /dev/null +++ b/beagle/debian-rfs/etc/insserv.conf @@ -0,0 +1,41 @@ +# +# All local filesystems are mounted (done during boot phase) +# +$local_fs +mountall +mountoverflowtmp +umountfs + +# +# Low level networking (ethernet card) +# +$network +networking +ifupdown + +# +# Named is operational +# +$named +named +dnsmasq +lwresd +bind9 $network + +# +# All remote filesystems are mounted (note in some cases /usr may +# be remote. Most applications that care will probably require +# both $local_fs and $remote_fs) +# +$remote_fs $local_fs +mountnfs +mountnfs-bootclean +umountnfs +sendsigs + +# +# System logger is operational +# +$syslog +rsyslog +sysklogd +syslog-ng +dsyslog +inetutils-syslogd + +# +# SunRPC portmapper available +# +$portmap portmap + +# +# The system time has been set correctly +# +$time +hwclock + +# +# Services which need to be interactive +# +<interactive> glibc udev console-screen keymap keyboard-setup console-setup cryptdisks cryptdisks-early checkfs-loop diff --git a/beagle/debian-rfs/etc/issue b/beagle/debian-rfs/etc/issue new file mode 100644 index 0000000..9d52ed2 --- /dev/null +++ b/beagle/debian-rfs/etc/issue @@ -0,0 +1,2 @@ +Debian GNU/Linux 6.0 \n \l + diff --git a/beagle/debian-rfs/etc/issue.net b/beagle/debian-rfs/etc/issue.net new file mode 100644 index 0000000..6a11f39 --- /dev/null +++ b/beagle/debian-rfs/etc/issue.net @@ -0,0 +1 @@ +Debian GNU/Linux 6.0 diff --git a/beagle/debian-rfs/etc/ld.so.conf.d/arm-linux-gnueabi.conf b/beagle/debian-rfs/etc/ld.so.conf.d/arm-linux-gnueabi.conf new file mode 100644 index 0000000..205f029 --- /dev/null +++ b/beagle/debian-rfs/etc/ld.so.conf.d/arm-linux-gnueabi.conf @@ -0,0 +1,3 @@ +# Multiarch support +/lib/arm-linux-gnueabi +/usr/lib/arm-linux-gnueabi diff --git a/beagle/debian-rfs/etc/ld.so.conf.d/libc.conf b/beagle/debian-rfs/etc/ld.so.conf.d/libc.conf new file mode 100644 index 0000000..463b8bb --- /dev/null +++ b/beagle/debian-rfs/etc/ld.so.conf.d/libc.conf @@ -0,0 +1,2 @@ +# libc default configuration +/usr/local/lib diff --git a/beagle/debian-rfs/etc/login.defs b/beagle/debian-rfs/etc/login.defs new file mode 100644 index 0000000..7b70c90 --- /dev/null +++ b/beagle/debian-rfs/etc/login.defs @@ -0,0 +1,335 @@ +# +# /etc/login.defs - Configuration control definitions for the login package. +# +# Three items must be defined: MAIL_DIR, ENV_SUPATH, and ENV_PATH. +# If unspecified, some arbitrary (and possibly incorrect) value will +# be assumed. All other items are optional - if not specified then +# the described action or option will be inhibited. +# +# Comment lines (lines beginning with "#") and blank lines are ignored. +# +# Modified for Linux. --marekm + +# REQUIRED for useradd/userdel/usermod +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define MAIL_DIR and MAIL_FILE, +# MAIL_DIR takes precedence. +# +# Essentially: +# - MAIL_DIR defines the location of users mail spool files +# (for mbox use) by appending the username to MAIL_DIR as defined +# below. +# - MAIL_FILE defines the location of the users mail spool files as the +# fully-qualified filename obtained by prepending the user home +# directory before $MAIL_FILE +# +# NOTE: This is no more used for setting up users MAIL environment variable +# which is, starting from shadow 4.0.12-1 in Debian, entirely the +# job of the pam_mail PAM modules +# See default PAM configuration files provided for +# login, su, etc. +# +# This is a temporary situation: setting these variables will soon +# move to /etc/default/useradd and the variables will then be +# no more supported +MAIL_DIR /var/mail +#MAIL_FILE .mail + +# +# Enable logging and display of /var/log/faillog login failure info. +# This option conflicts with the pam_tally PAM module. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +# WARNING: Unknown usernames may become world readable. +# See #290803 and #298773 for details about how this could become a security +# concern +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin +ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +# In Debian /usr/bin/bsd-write or similar programs are setgid tty +# However, the default and recommended value for TTYPERM is still 0600 +# to not allow anyone to write to anyone else console or terminal + +# Users can still allow other people to write them by issuing +# the "mesg y" command. + +TTYGROUP tty +TTYPERM 0600 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# UMASK Default "umask" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# +# UMASK is the default umask value for pam_umask and is used by +# useradd and newusers to set the mode of the new home directories. +# 022 is the "historical" value in Debian for UMASK +# 027, or even 077, could be considered better for privacy +# There is no One True Answer here : each sysadmin must make up his/her +# mind. +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +#SYS_UID_MIN 100 +#SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +#SYS_GID_MIN 100 +#SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad. This will most likely be +# overriden by PAM, since the default pam_unix module has it's own built +# in of 3 retries. However, this is a safe fallback in case you are using +# an authentication module that does not enforce PAM_MAXTRIES. +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT rwh + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If set to yes, userdel will remove the user´s group if it contains no +# more members, and useradd will create by default a group with the name +# of the user. +# +# Other former uses of this variable such as setting the umask when +# user==primary group are not used in PAM environments, such as Debian +# +USERGROUPS_ENAB yes + +# +# Instead of the real user shell, the program specified by this parameter +# will be launched, although its visible name (argv[0]) will be the shell's. +# The program may do whatever it wants (logging, additional authentification, +# banner, ...) before running the actual shell. +# +# FAKE_SHELL /bin/fakeshell + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +# This variable is used by login and su. +# +#CONSOLE /etc/consoles +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# This variable is used by login and su. +# +#CONSOLE_GROUPS floppy:audio:cdrom + +# +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +# Note: It is recommended to use a value consistent with +# the PAM modules configuration. +# +#ENCRYPT_METHOD DES + +# +# Only used if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +################# OBSOLETED BY PAM ############## +# # +# These options are now handled by PAM. Please # +# edit the appropriate file in /etc/pam.d/ to # +# enable the equivelants of them. +# +############### + +#MOTD_FILE +#DIALUPS_CHECK_ENAB +#LASTLOG_ENAB +#MAIL_CHECK_ENAB +#OBSCURE_CHECKS_ENAB +#PORTTIME_CHECKS_ENAB +#SU_WHEEL_ONLY +#CRACKLIB_DICTPATH +#PASS_CHANGE_TRIES +#PASS_ALWAYS_WARN +#ENVIRON_FILE +#NOLOGINS_FILE +#ISSUE_FILE +#PASS_MIN_LEN +#PASS_MAX_LEN +#ULIMIT +#ENV_HZ +#CHFN_AUTH +#CHSH_AUTH +#FAIL_DELAY + +################# OBSOLETED ####################### +# # +# These options are no more handled by shadow. # +# # +# Shadow utilities will display a warning if they # +# still appear. # +# # +################################################### + +# CLOSE_SESSIONS +# LOGIN_STRING +# NO_PASSWORD_CONSOLE +# QMAIL_DIR + + + diff --git a/beagle/debian-rfs/etc/logrotate.d/dpkg b/beagle/debian-rfs/etc/logrotate.d/dpkg new file mode 100644 index 0000000..b071698 --- /dev/null +++ b/beagle/debian-rfs/etc/logrotate.d/dpkg @@ -0,0 +1,18 @@ +/var/log/dpkg.log { + monthly + rotate 12 + compress + delaycompress + missingok + notifempty + create 644 root root +} +/var/log/alternatives.log { + monthly + rotate 12 + compress + delaycompress + missingok + notifempty + create 644 root root +} diff --git a/beagle/debian-rfs/etc/mke2fs.conf b/beagle/debian-rfs/etc/mke2fs.conf new file mode 100644 index 0000000..52fe58e --- /dev/null +++ b/beagle/debian-rfs/etc/mke2fs.conf @@ -0,0 +1,44 @@ +[defaults] + base_features = sparse_super,filetype,resize_inode,dir_index,ext_attr + blocksize = 4096 + inode_size = 256 + inode_ratio = 16384 + +[fs_types] + ext3 = { + features = has_journal + } + ext4 = { + features = has_journal,extent,huge_file,flex_bg,uninit_bg,dir_nlink,extra_isize + inode_size = 256 + } + ext4dev = { + features = has_journal,extent,huge_file,flex_bg,uninit_bg,dir_nlink,extra_isize + inode_size = 256 + options = test_fs=1 + } + small = { + blocksize = 1024 + inode_size = 128 + inode_ratio = 4096 + } + floppy = { + blocksize = 1024 + inode_size = 128 + inode_ratio = 8192 + } + news = { + inode_ratio = 4096 + } + largefile = { + inode_ratio = 1048576 + blocksize = -1 + } + largefile4 = { + inode_ratio = 4194304 + blocksize = -1 + } + hurd = { + blocksize = 4096 + inode_size = 128 + } diff --git a/beagle/debian-rfs/etc/network/if-up.d/mountnfs b/beagle/debian-rfs/etc/network/if-up.d/mountnfs new file mode 100755 index 0000000..3564cfd --- /dev/null +++ b/beagle/debian-rfs/etc/network/if-up.d/mountnfs @@ -0,0 +1,173 @@ +#! /bin/sh +# Description: Now that TCP/IP is configured, mount the NFS file +# systems in /etc/fstab if needed. If possible, +# start the portmapper before mounting (this is needed for +# Linux 2.1.x and up). +# +# Also mounts SMB filesystems now, so the name of +# this script is getting increasingly inaccurate. + +PATH=/sbin:/bin +. /lib/init/vars.sh + +. /lib/lsb/init-functions +. /lib/init/mount-functions.sh + +set_env() { + [ -f /etc/fstab ] || return + # + # Read through fstab line by line. If it is NFS, set the flag + # for mounting NFS file systems. If any NFS partition is found and it + # not mounted with the nolock option, we start the portmapper. + # + # If any sec={krb5,krb5i,krb5p} option is given, or any of the file + # systems are nfs4, we'll need to start rpc.gssd and/or rpc.idmapd too; + # we'll leave that to nfs-common. + # + + exec 9<&0 </etc/fstab + + start_nfs=no + NETFS="" + NETDEV="" + while read DEV MTPT FSTYPE OPTS REST + do + case "$DEV" in + ""|\#*) + continue + ;; + esac + case "$OPTS" in + noauto|*,noauto|noauto,*|*,noauto,*) + continue + ;; + _netdev|*,_netdev|_netdev,*|*,_netdev,*) + NETDEV=yes + ;; + esac + case "$FSTYPE" in + nfs) + # NFS filsystems normally require statd and portmap. However, + # if nolock is set, portmap and statd are not required for this + # file system. + case "$OPTS" in + nolock|*,nolock|nolock,*|*,nolock,*) + # no action + ;; + *) + start_nfs=yes + ;; + esac + + # However, Kerberos requires gssd, so start nfs-common anyway. + case "$OPTS" in + sec=krb5|*,sec=krb5|sec=krb5,*|*,sec=krb5,*|sec=krb5i|*,sec=krb5i|sec=krb5i,*|*,sec=krb5i,*|sec=krb5p|*,sec=krb5p|sec=krb5p,*|*,sec=krb5p,*) + + start_nfs=yes + ;; + esac + ;; + nfs4) + # NFSv4 requires idmapd, so start nfs-common no matter what the options are. + start_nfs=yes + ;; + smbfs|cifs|coda|ncp|ncpfs|ocfs2|gfs) + ;; + *) + FSTYPE= + ;; + esac + if [ "$FSTYPE" ] + then + case "$NETFS" in + $FSTYPE|*,$FSTYPE|$FSTYPE,*|*,$FSTYPE,*) + ;; + *) + NETFS="$NETFS${NETFS:+,}$FSTYPE" + ;; + esac + fi + done + + exec 0<&9 9<&- +} + +do_start() { + # + # Initialize nfs-common (which starts rpc.statd, rpc.gssd + # and/or rpc.idmapd, and loads the right kernel modules if + # applicable) if we use Kerberos and/or NFSv4 mounts. + # + if [ "$start_nfs" = yes ] && [ -x /etc/init.d/portmap ] && [ -x /etc/init.d/nfs-common ] + then + /etc/init.d/portmap start + /etc/init.d/nfs-common start + fi + + pre_mountall + if [ "$NETFS" ] + then + mount -a -t$NETFS + fi + if [ "$NETDEV" ]; then + mount -a -O _netdev + fi + post_mountall +} + +exit_unless_last_interface() { + grep "^[:space:]*auto" /etc/network/interfaces | \ + sed -e 's/[ \t]*auto[ \t]*//;s/[ \t]*$//;s/[ \t]/\n/g' | \ + while read i; do + if [ `grep -c $i /etc/network/run/ifstate` -eq "0" ]; then + msg="if-up.d/mountnfs[$IFACE]: waiting for interface $i before doing NFS mounts" + log_warning_msg "$msg" + # Can not pass this as a variable because of the while subshell + mkdir /var/run/network/mountnfs_earlyexit 2> /dev/null + fi + done + if [ -d /var/run/network/mountnfs_earlyexit ]; then + rmdir /var/run/network/mountnfs_earlyexit 2>/dev/null + exit 0 + fi +} + +# Using 'no !=' instead of 'yes =' to make sure async nfs mounting is +# the default even without a value in /etc/default/rcS +set_env +# Exit imediately and do not claim to wait for the last interface if +# no network file systems are listed in /etc/fstab. +if [ "$start_nfs" = "no" ] && [ ! "$NETFS" ] && [ ! "$NETDEV" ]; then + exit 0 +fi + +if [ no != "$ASYNCMOUNTNFS" ]; then + # Not for loopback! + [ "$IFACE" != "lo" ] || exit 0 + + # Lock around this otherwise insanity may occur + mkdir /var/run/network 2>/dev/null || true + + # Wait until all auto interfaces are up before attemting to mount + # network file systems. + exit_unless_last_interface + + if mkdir /var/run/network/mountnfs 2>/dev/null ; then + : + else + msg="if-up.d/mountnfs[$IFACE]: lock /var/run/network/mountnfs exist, not mounting" + log_failure_msg "$msg" + # Log if /usr/ is mounted + [ -x /usr/bin/logger ] && /usr/bin/logger -t "if-up.d/mountnfs[$IFACE]" "$msg" + exit 0 + fi + + on_exit() { + # Clean up lock when script exits, even if it is interrupted + rmdir /var/run/network/mountnfs 2>/dev/null || exit 0 + } + trap on_exit EXIT # Enable emergency handler + do_start +elif [ yes = "$FROMINITD" ] ; then + do_start +fi diff --git a/beagle/debian-rfs/etc/pam.conf b/beagle/debian-rfs/etc/pam.conf new file mode 100644 index 0000000..3eeb72d --- /dev/null +++ b/beagle/debian-rfs/etc/pam.conf @@ -0,0 +1,15 @@ +# ---------------------------------------------------------------------------# +# /etc/pam.conf # +# ---------------------------------------------------------------------------# +# +# NOTE +# ---- +# +# NOTE: Most program use a file under the /etc/pam.d/ directory to setup their +# PAM service modules. This file is used only if that directory does not exist. +# ---------------------------------------------------------------------------# + +# Format: +# serv. module ctrl module [path] ...[args..] # +# name type flag # + diff --git a/beagle/debian-rfs/etc/pam.d/chfn b/beagle/debian-rfs/etc/pam.d/chfn new file mode 100644 index 0000000..10fcf07 --- /dev/null +++ b/beagle/debian-rfs/etc/pam.d/chfn @@ -0,0 +1,16 @@ +# +# The PAM configuration file for the Shadow `chfn' service +# + +# This allows root to change user infomation without being +# prompted for a password +auth sufficient pam_rootok.so + +# The standard Unix authentication modules, used with +# NIS (man nsswitch) as well as normal /etc/passwd and +# /etc/shadow entries. +@include common-auth +@include common-account +@include common-session + + diff --git a/beagle/debian-rfs/etc/pam.d/chpasswd b/beagle/debian-rfs/etc/pam.d/chpasswd new file mode 100644 index 0000000..da2adcc --- /dev/null +++ b/beagle/debian-rfs/etc/pam.d/chpasswd @@ -0,0 +1,5 @@ +# The PAM configuration file for the Shadow 'chpasswd' service +# + +@include common-password + diff --git a/beagle/debian-rfs/etc/pam.d/chsh b/beagle/debian-rfs/etc/pam.d/chsh new file mode 100644 index 0000000..7eb604d --- /dev/null +++ b/beagle/debian-rfs/etc/pam.d/chsh @@ -0,0 +1,20 @@ +# +# The PAM configuration file for the Shadow `chsh' service +# + +# This will not allow a user to change their shell unless +# their current one is listed in /etc/shells. This keeps +# accounts with special shells from changing them. +auth required pam_shells.so + +# This allows root to change user shell without being +# prompted for a password +auth sufficient pam_rootok.so + +# The standard Unix authentication modules, used with +# NIS (man nsswitch) as well as normal /etc/passwd and +# /etc/shadow entries. +@include common-auth +@include common-account +@include common-session + diff --git a/beagle/debian-rfs/etc/pam.d/login b/beagle/debian-rfs/etc/pam.d/login new file mode 100644 index 0000000..6ac4fd7 --- /dev/null +++ b/beagle/debian-rfs/etc/pam.d/login @@ -0,0 +1,107 @@ +# +# The PAM configuration file for the Shadow `login' service +# + +# Enforce a minimal delay in case of failure (in microseconds). +# (Replaces the `FAIL_DELAY' setting from login.defs) +# Note that other modules may require another minimal delay. (for example, +# to disable any delay, you should add the nodelay option to pam_unix) +auth optional pam_faildelay.so delay=3000000 + +# Outputs an issue file prior to each login prompt (Replaces the +# ISSUE_FILE option from login.defs). Uncomment for use +# auth required pam_issue.so issue=/etc/issue + +# Disallows root logins except on tty's listed in /etc/securetty +# (Replaces the `CONSOLE' setting from login.defs) +# +# With the default control of this module: +# [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] +# root will not be prompted for a pasword on insecure lines. +# if an invalid username is entered, a password is prompted (but login +# will eventually be rejected) +# +# You can change it to a "requisite" module if you think root may mis-type +# her login and should not be prompted for a password in that case. But +# this will leave the system as vulnerable to user enumeration attacks. +# +# You can change it to a "required" module if you think it permits to +# guess valid user names of your system (invalid user names are considered +# as possibly being root on insecure lines), but root passwords may be +# communicated over insecure lines. +auth [success=ok new_authtok_reqd=ok ignore=ignore user_unknown=bad default=die] pam_securetty.so + +# Disallows other than root logins when /etc/nologin exists +# (Replaces the `NOLOGINS_FILE' option from login.defs) +auth requisite pam_nologin.so + +# SELinux needs to be the first session rule. This ensures that any +# lingering context has been cleared. Without out this it is possible +# that a module could execute code in the wrong domain. +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Standard Un*x authentication. +@include common-auth + +# This allows certain extra groups to be granted to a user +# based on things like time of day, tty, service, and user. +# Please edit /etc/security/group.conf to fit your needs +# (Replaces the `CONSOLE_GROUPS' option in login.defs) +auth optional pam_group.so + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on logins. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# Uncomment and edit /etc/security/access.conf if you need to +# set access limits. +# (Replaces /etc/login.access file) +# account required pam_access.so + +# Sets up user limits according to /etc/security/limits.conf +# (Replaces the use of /etc/limits in old login) +session required pam_limits.so + +# Prints the last login info upon succesful login +# (Replaces the `LASTLOG_ENAB' option from login.defs) +session optional pam_lastlog.so + +# Prints the motd upon succesful login +# (Replaces the `MOTD_FILE' option in login.defs) +session optional pam_motd.so + +# Prints the status of the user's mailbox upon succesful login +# (Replaces the `MAIL_CHECK_ENAB' option from login.defs). +# +# This also defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +session optional pam_mail.so standard + +# Standard Un*x account and session +@include common-account +@include common-session +@include common-password + +# SELinux needs to intervene at login time to ensure that the process +# starts in the proper default security context. Only sessions which are +# intended to run in the user's context should be run after this. +session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open +# When the module is present, "required" would be sufficient (When SELinux +# is disabled, this returns success.) diff --git a/beagle/debian-rfs/etc/pam.d/newusers b/beagle/debian-rfs/etc/pam.d/newusers new file mode 100644 index 0000000..552ca90 --- /dev/null +++ b/beagle/debian-rfs/etc/pam.d/newusers @@ -0,0 +1,5 @@ +# The PAM configuration file for the Shadow 'newusers' service +# + +@include common-password + diff --git a/beagle/debian-rfs/etc/pam.d/other b/beagle/debian-rfs/etc/pam.d/other new file mode 100644 index 0000000..59d776c --- /dev/null +++ b/beagle/debian-rfs/etc/pam.d/other @@ -0,0 +1,16 @@ +# +# /etc/pam.d/other - specify the PAM fallback behaviour +# +# Note that this file is used for any unspecified service; for example +#if /etc/pam.d/cron specifies no session modules but cron calls +#pam_open_session, the session module out of /etc/pam.d/other is +#used. If you really want nothing to happen then use pam_permit.so or +#pam_deny.so as appropriate. + +# We fall back to the system default in /etc/pam.d/common-* +# + +@include common-auth +@include common-account +@include common-password +@include common-session diff --git a/beagle/debian-rfs/etc/pam.d/passwd b/beagle/debian-rfs/etc/pam.d/passwd new file mode 100644 index 0000000..5872e7b --- /dev/null +++ b/beagle/debian-rfs/etc/pam.d/passwd @@ -0,0 +1,6 @@ +# +# The PAM configuration file for the Shadow `passwd' service +# + +@include common-password + diff --git a/beagle/debian-rfs/etc/pam.d/su b/beagle/debian-rfs/etc/pam.d/su new file mode 100644 index 0000000..c1a84ae --- /dev/null +++ b/beagle/debian-rfs/etc/pam.d/su @@ -0,0 +1,62 @@ +# +# The PAM configuration file for the Shadow `su' service +# + +# This allows root to su without passwords (normal operation) +auth sufficient pam_rootok.so + +# Uncomment this to force users to be a member of group root +# before they can use `su'. You can also add "group=foo" +# to the end of this line if you want to use a group other +# than the default "root" (but this may have side effect of +# denying "root" user, unless she's a member of "foo" or explicitly +# permitted earlier by e.g. "sufficient pam_rootok.so"). +# (Replaces the `SU_WHEEL_ONLY' option from login.defs) +# auth required pam_wheel.so + +# Uncomment this if you want wheel members to be able to +# su without a password. +# auth sufficient pam_wheel.so trust + +# Uncomment this if you want members of a specific group to not +# be allowed to use su at all. +# auth required pam_wheel.so deny group=nosu + +# Uncomment and edit /etc/security/time.conf if you need to set +# time restrainst on su usage. +# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs +# as well as /etc/porttime) +# account requisite pam_time.so + +# This module parses environment configuration file(s) +# and also allows you to use an extended config +# file /etc/security/pam_env.conf. +# +# parsing /etc/environment needs "readenv=1" +session required pam_env.so readenv=1 +# locale variables are also kept into /etc/default/locale in etch +# reading this file *in addition to /etc/environment* does not hurt +session required pam_env.so readenv=1 envfile=/etc/default/locale + +# Defines the MAIL environment variable +# However, userdel also needs MAIL_DIR and MAIL_FILE variables +# in /etc/login.defs to make sure that removing a user +# also removes the user's mail spool file. +# See comments in /etc/login.defs +# +# "nopen" stands to avoid reporting new mail when su'ing to another user +session optional pam_mail.so nopen + +# Sets up user limits, please uncomment and read /etc/security/limits.conf +# to enable this functionality. +# (Replaces the use of /etc/limits in old login) +# session required pam_limits.so + +# The standard Unix authentication modules, used with +# NIS (man nsswitch) as well as normal /etc/passwd and +# /etc/shadow entries. +@include common-auth +@include common-account +@include common-session + + diff --git a/beagle/debian-rfs/etc/rc0.d/README b/beagle/debian-rfs/etc/rc0.d/README new file mode 100644 index 0000000..df13c03 --- /dev/null +++ b/beagle/debian-rfs/etc/rc0.d/README @@ -0,0 +1,11 @@ +The scripts in this directory are executed once when entering +runlevel 0. + +The scripts are all symbolic links whose targets are located in +/etc/init.d/ . + +Generally it is not necessary to alter the scripts in this directory. +Their purpose is to stop all services and to make the system ready +for shutdown. + +For more information see /etc/init.d/README. diff --git a/beagle/debian-rfs/etc/rc1.d/README b/beagle/debian-rfs/etc/rc1.d/README new file mode 100644 index 0000000..6be6c94 --- /dev/null +++ b/beagle/debian-rfs/etc/rc1.d/README @@ -0,0 +1,11 @@ +The scripts in this directory are executed each time the system enters +this runlevel. + +The scripts are all symbolic links whose targets are located in +/etc/init.d/ . + +Generally it is not necessary to alter the scripts in this directory. +Their purpose is to stop all services and thus to put the system in +single-user mode. + +For more information see /etc/init.d/README. diff --git a/beagle/debian-rfs/etc/rc2.d/README b/beagle/debian-rfs/etc/rc2.d/README new file mode 100644 index 0000000..6e0733f --- /dev/null +++ b/beagle/debian-rfs/etc/rc2.d/README @@ -0,0 +1,15 @@ +The scripts in this directory are executed each time the system enters +this runlevel. + +The scripts are all symbolic links whose targets are located in +/etc/init.d/ . + +To disable a service in this runlevel, rename its script in this +directory so that the new name begins with a 'K' and a two-digit +number, and run 'update-rc.d script defaults' to reorder the scripts +according to dependencies. A warning about the current runlevels +being enabled not matching the LSB header in the init.d script will be +printed. To re-enable the service, rename the script back to its +original name beginning with 'S' and run update-rc.d again. + +For a more information see /etc/init.d/README. diff --git a/beagle/debian-rfs/etc/rc3.d/README b/beagle/debian-rfs/etc/rc3.d/README new file mode 100644 index 0000000..6e0733f --- /dev/null +++ b/beagle/debian-rfs/etc/rc3.d/README @@ -0,0 +1,15 @@ +The scripts in this directory are executed each time the system enters +this runlevel. + +The scripts are all symbolic links whose targets are located in +/etc/init.d/ . + +To disable a service in this runlevel, rename its script in this +directory so that the new name begins with a 'K' and a two-digit +number, and run 'update-rc.d script defaults' to reorder the scripts +according to dependencies. A warning about the current runlevels +being enabled not matching the LSB header in the init.d script will be +printed. To re-enable the service, rename the script back to its +original name beginning with 'S' and run update-rc.d again. + +For a more information see /etc/init.d/README. diff --git a/beagle/debian-rfs/etc/rc4.d/README b/beagle/debian-rfs/etc/rc4.d/README new file mode 100644 index 0000000..6e0733f --- /dev/null +++ b/beagle/debian-rfs/etc/rc4.d/README @@ -0,0 +1,15 @@ +The scripts in this directory are executed each time the system enters +this runlevel. + +The scripts are all symbolic links whose targets are located in +/etc/init.d/ . + +To disable a service in this runlevel, rename its script in this +directory so that the new name begins with a 'K' and a two-digit +number, and run 'update-rc.d script defaults' to reorder the scripts +according to dependencies. A warning about the current runlevels +being enabled not matching the LSB header in the init.d script will be +printed. To re-enable the service, rename the script back to its +original name beginning with 'S' and run update-rc.d again. + +For a more information see /etc/init.d/README. diff --git a/beagle/debian-rfs/etc/rc5.d/README b/beagle/debian-rfs/etc/rc5.d/README new file mode 100644 index 0000000..6e0733f --- /dev/null +++ b/beagle/debian-rfs/etc/rc5.d/README @@ -0,0 +1,15 @@ +The scripts in this directory are executed each time the system enters +this runlevel. + +The scripts are all symbolic links whose targets are located in +/etc/init.d/ . + +To disable a service in this runlevel, rename its script in this +directory so that the new name begins with a 'K' and a two-digit +number, and run 'update-rc.d script defaults' to reorder the scripts +according to dependencies. A warning about the current runlevels +being enabled not matching the LSB header in the init.d script will be +printed. To re-enable the service, rename the script back to its +original name beginning with 'S' and run update-rc.d again. + +For a more information see /etc/init.d/README. diff --git a/beagle/debian-rfs/etc/rc6.d/README b/beagle/debian-rfs/etc/rc6.d/README new file mode 100644 index 0000000..baf54c9 --- /dev/null +++ b/beagle/debian-rfs/etc/rc6.d/README @@ -0,0 +1,11 @@ +The scripts in this directory are executed once when entering +runlevel 6. + +The scripts are all symbolic links whose targets are located in +/etc/init.d/ . + +Generally it is not necessary to alter the scripts in this directory. +Their purpose is to stop all services and to make the system ready +for reboot. + +For more information see /etc/init.d/README. diff --git a/beagle/debian-rfs/etc/rcS.d/README b/beagle/debian-rfs/etc/rcS.d/README new file mode 100644 index 0000000..fcf7c92 --- /dev/null +++ b/beagle/debian-rfs/etc/rcS.d/README @@ -0,0 +1,12 @@ +The scripts in this directory whose names begin with an 'S' are +executed once when booting the system, even when booting directly into +single user mode. + +The scripts are all symbolic links whose targets are located in +/etc/init.d/ . + +To disable a script in this directory, rename it so that it begins +with a 'K' and run 'update-rc.d script defaults' to update the order +using the script dependencies. + +For more information see /etc/init.d/README. diff --git a/beagle/debian-rfs/etc/resolv.conf b/beagle/debian-rfs/etc/resolv.conf new file mode 100644 index 0000000..07ee6e3 --- /dev/null +++ b/beagle/debian-rfs/etc/resolv.conf @@ -0,0 +1,3 @@ +domain traut +search traut +nameserver 10.0.3.10 diff --git a/beagle/debian-rfs/etc/rmt b/beagle/debian-rfs/etc/rmt new file mode 100755 index 0000000..4fadd09 --- /dev/null +++ b/beagle/debian-rfs/etc/rmt @@ -0,0 +1,8 @@ +#!/bin/sh +# +# This is not a mistake. This shell script (/etc/rmt) has been provided +# for compatibility with other Unix-like systems, some of which have +# utilities that expect to find (and execute) rmt in the /etc directory +# on remote systems. +# +exec /usr/sbin/rmt diff --git a/beagle/debian-rfs/etc/securetty b/beagle/debian-rfs/etc/securetty new file mode 100644 index 0000000..3d6971c --- /dev/null +++ b/beagle/debian-rfs/etc/securetty @@ -0,0 +1,383 @@ +# /etc/securetty: list of terminals on which root is allowed to login. +# See securetty(5) and login(1). + +console + +# Local X displays (allows empty passwords with pam_unix's nullok_secure) +:0 +:0.0 +:0.1 +:1 +:1.0 +:1.1 +:2 +:2.0 +:2.1 +:3 +:3.0 +:3.1 +#... + + +# ========================================================== +# +# TTYs sorted by major number according to Documentation/devices.txt +# +# ========================================================== + +# Virtual consoles +tty1 +tty2 +tty3 +tty4 +tty5 +tty6 +tty7 +tty8 +tty9 +tty10 +tty11 +tty12 +tty13 +tty14 +tty15 +tty16 +tty17 +tty18 +tty19 +tty20 +tty21 +tty22 +tty23 +tty24 +tty25 +tty26 +tty27 +tty28 +tty29 +tty30 +tty31 +tty32 +tty33 +tty34 +tty35 +tty36 +tty37 +tty38 +tty39 +tty40 +tty41 +tty42 +tty43 +tty44 +tty45 +tty46 +tty47 +tty48 +tty49 +tty50 +tty51 +tty52 +tty53 +tty54 +tty55 +tty56 +tty57 +tty58 +tty59 +tty60 +tty61 +tty62 +tty63 + +# UART serial ports +ttyS0 +ttyS1 +ttyS2 +ttyS3 +ttyS4 +ttyS5 +#...ttyS191 + +# Serial Mux devices (Linux/PA-RISC only) +ttyB0 +ttyB1 +#... + +# Chase serial card +ttyH0 +ttyH1 +#... + +# Cyclades serial cards +ttyC0 +ttyC1 +#...ttyC31 + +# Digiboard serial cards +ttyD0 +ttyD1 +#... + +# Stallion serial cards +ttyE0 +ttyE1 +#...ttyE255 + +# Specialix serial cards +ttyX0 +ttyX1 +#... + +# Comtrol Rocketport serial cards +ttyR0 +ttyR1 +#... + +# SDL RISCom serial cards +ttyL0 +ttyL1 +#... + +# Hayes ESP serial card +ttyP0 +ttyP1 +#... + +# Computone IntelliPort II serial card +ttyF0 +ttyF1 +#...ttyF255 + +# Specialix IO8+ serial card +ttyW0 +ttyW1 +#... + +# Comtrol VS-1000 serial controller +ttyV0 +ttyV1 +#... + +# ISI serial card +ttyM0 +ttyM1 +#... + +# Technology Concepts serial card +ttyT0 +ttyT1 +#... + +# Specialix RIO serial card +ttySR0 +ttySR1 +#...ttySR511 + +# Chase Research AT/PCI-Fast serial card +ttyCH0 +ttyCH1 +#...ttyCH63 + +# Moxa Intellio serial card +ttyMX0 +ttyMX1 +#...ttyMX127 + +# SmartIO serial card +ttySI0 +ttySI1 +#... + +# USB dongles +ttyUSB0 +ttyUSB1 +ttyUSB2 +#... + +# LinkUp Systems L72xx UARTs +ttyLU0 +ttyLU1 +ttyLU2 +ttyLU3 + +# StrongARM builtin serial ports +ttySA0 +ttySA1 +ttySA2 + +# SCI serial port (SuperH) ports and SC26xx serial ports +ttySC0 +ttySC1 +ttySC2 +ttySC3 + +# ARM "AMBA" serial ports +ttyAM0 +ttyAM1 +ttyAM2 +ttyAM3 +ttyAM4 +ttyAM5 +ttyAM6 +ttyAM7 +ttyAM8 +ttyAM9 +ttyAM10 +ttyAM11 +ttyAM12 +ttyAM13 +ttyAM14 +ttyAM15 + +# DataBooster serial ports +ttyDB0 +ttyDB1 +ttyDB2 +ttyDB3 +ttyDB4 +ttyDB5 +ttyDB6 +ttyDB7 + +# SGI Altix console ports +ttySG0 + +# Motorola i.MX ports +ttySMX0 +ttySMX1 +ttySMX2 + +# Marvell MPSC ports +ttyMM0 +ttyMM1 + +# PPC CPM (SCC or SMC) ports +ttyCPM0 +ttyCPM1 +ttyCPM2 +ttyCPM3 +ttyCPM4 +ttyCPM5 + +# Altix serial cards +ttyIOC0 +ttyIOC1 +#...ttyIOC31 + +# NEC VR4100 series SIU +ttyVR0 + +# NEC VR4100 series SSIU +ttyVR1 + +# Altix ioc4 serial cards +ttyIOC84 +ttyIOC85 +#...ttyIOC115 + +# Altix ioc3 serial cards +ttySIOC0 +ttySIOC1 +#...ttySIOC31 + +# PPC PSC ports +ttyPSC0 +ttyPSC1 +ttyPSC2 +ttyPSC3 +ttyPSC4 +ttyPSC5 + +# ATMEL serial ports +ttyAT0 +ttyAT1 +#...ttyAT15 + +# Hilscher netX serial port +ttyNX0 +ttyNX1 +#...ttyNX15 + +# Xilinx uartlite - port +ttyUL0 +ttyUL1 +ttyUL2 +ttyUL3 + +# Xen virtual console - port 0 +xvc0 + +# pmac_zilog - port +ttyPZ0 +ttyPZ1 +ttyPZ2 +ttyPZ3 + +# TX39/49 serial port +ttyTX0 +ttyTX1 +ttyTX2 +ttyTX3 +ttyTX4 +ttyTX5 +ttyTX6 +ttyTX7 + +# SC26xx serial ports (see SCI serial ports (SuperH)) + +# MAX3100 serial ports +ttyMAX0 +ttyMAX1 +ttyMAX2 +ttyMAX3 + +# OMAP serial ports +ttyO0 +ttyO1 +ttyO2 +ttyO3 + +# User space serial ports +ttyU0 +ttyU1 + +# A2232 serial card +ttyY0 +ttyY1 + +# IBM 3270 terminal Unix tty access +3270/tty1 +3270/tty2 +#... + +# IBM iSeries/pSeries virtual console +hvc0 +hvc1 +#... + +# Equinox SST multi-port serial boards +ttyEQ0 +ttyEQ1 +#...ttyEQ1027 + +# ========================================================== +# +# Not in Documentation/Devicess.txt +# +# ========================================================== + +# Embedded Freescale i.MX ports +ttymxc0 +ttymxc1 +ttymxc2 +ttymxc3 +ttymxc4 +ttymxc5 + +# Embedded ARM AMBA PL011 ports (e.g. emulated by QEMU) +ttyama0 +ttyama1 +ttyama2 +ttyama3 + diff --git a/beagle/debian-rfs/etc/security/access.conf b/beagle/debian-rfs/etc/security/access.conf new file mode 100644 index 0000000..74c5fbe --- /dev/null +++ b/beagle/debian-rfs/etc/security/access.conf @@ -0,0 +1,122 @@ +# Login access control table. +# +# Comment line must start with "#", no space at front. +# Order of lines is important. +# +# When someone logs in, the table is scanned for the first entry that +# matches the (user, host) combination, or, in case of non-networked +# logins, the first entry that matches the (user, tty) combination. The +# permissions field of that table entry determines whether the login will +# be accepted or refused. +# +# Format of the login access control table is three fields separated by a +# ":" character: +# +# [Note, if you supply a 'fieldsep=|' argument to the pam_access.so +# module, you can change the field separation character to be +# '|'. This is useful for configurations where you are trying to use +# pam_access with X applications that provide PAM_TTY values that are +# the display variable like "host:0".] +# +# permission : users : origins +# +# The first field should be a "+" (access granted) or "-" (access denied) +# character. +# +# The second field should be a list of one or more login names, group +# names, or ALL (always matches). A pattern of the form user@host is +# matched when the login name matches the "user" part, and when the +# "host" part matches the local machine name. +# +# The third field should be a list of one or more tty names (for +# non-networked logins), host names, domain names (begin with "."), host +# addresses, internet network numbers (end with "."), ALL (always +# matches), NONE (matches no tty on non-networked logins) or +# LOCAL (matches any string that does not contain a "." character). +# +# You can use @netgroupname in host or user patterns; this even works +# for @usergroup@@hostgroup patterns. +# +# The EXCEPT operator makes it possible to write very compact rules. +# +# The group file is searched only when a name does not match that of the +# logged-in user. Both the user's primary group is matched, as well as +# groups in which users are explicitly listed. +# To avoid problems with accounts, which have the same name as a group, +# you can use brackets around group names '(group)' to differentiate. +# In this case, you should also set the "nodefgroup" option. +# +# TTY NAMES: Must be in the form returned by ttyname(3) less the initial +# "/dev" (e.g. tty1 or vc/1) +# +############################################################################## +# +# Disallow non-root logins on tty1 +# +#-:ALL EXCEPT root:tty1 +# +# Disallow console logins to all but a few accounts. +# +#-:ALL EXCEPT wheel shutdown sync:LOCAL +# +# Same, but make sure that really the group wheel and not the user +# wheel is used (use nodefgroup argument, too): +# +#-:ALL EXCEPT (wheel) shutdown sync:LOCAL +# +# Disallow non-local logins to privileged accounts (group wheel). +# +#-:wheel:ALL EXCEPT LOCAL .win.tue.nl +# +# Some accounts are not allowed to login from anywhere: +# +#-:wsbscaro wsbsecr wsbspac wsbsym wscosor wstaiwde:ALL +# +# All other accounts are allowed to login from anywhere. +# +############################################################################## +# All lines from here up to the end are building a more complex example. +############################################################################## +# +# User "root" should be allowed to get access via cron .. tty5 tty6. +#+ : root : cron crond :0 tty1 tty2 tty3 tty4 tty5 tty6 +# +# User "root" should be allowed to get access from hosts with ip addresses. +#+ : root : 192.168.200.1 192.168.200.4 192.168.200.9 +#+ : root : 127.0.0.1 +# +# User "root" should get access from network 192.168.201. +# This term will be evaluated by string matching. +# comment: It might be better to use network/netmask instead. +# The same is 192.168.201.0/24 or 192.168.201.0/255.255.255.0 +#+ : root : 192.168.201. +# +# User "root" should be able to have access from domain. +# Uses string matching also. +#+ : root : .foo.bar.org +# +# User "root" should be denied to get access from all other sources. +#- : root : ALL +# +# User "foo" and members of netgroup "nis_group" should be +# allowed to get access from all sources. +# This will only work if netgroup service is available. +#+ : @nis_group foo : ALL +# +# User "john" should get access from ipv4 net/mask +#+ : john : 127.0.0.0/24 +# +# User "john" should get access from ipv4 as ipv6 net/mask +#+ : john : ::ffff:127.0.0.0/127 +# +# User "john" should get access from ipv6 host address +#+ : john : 2001:4ca0:0:101::1 +# +# User "john" should get access from ipv6 host address (same as above) +#+ : john : 2001:4ca0:0:101:0:0:0:1 +# +# User "john" should get access from ipv6 net/mask +#+ : john : 2001:4ca0:0:101::/64 +# +# All other users should be denied to get access from all sources. +#- : ALL : ALL diff --git a/beagle/debian-rfs/etc/security/group.conf b/beagle/debian-rfs/etc/security/group.conf new file mode 100644 index 0000000..b766bec --- /dev/null +++ b/beagle/debian-rfs/etc/security/group.conf @@ -0,0 +1,99 @@ +# +# This is the configuration file for the pam_group module. +# + +# +# *** Please note that giving group membership on a session basis is +# *** NOT inherently secure. If a user can create an executable that +# *** is setgid a group that they are infrequently given membership +# *** of, they can basically obtain group membership any time they +# *** like. Example: games are allowed between the hours of 6pm and 6am +# *** user joe logs in at 7pm writes a small C-program toplay.c that +# *** invokes their favorite shell, compiles it and does +# *** "chgrp play toplay; chmod g+s toplay". They are basically able +# *** to play games any time... You have been warned. AGM +# + +# +# The syntax of the lines is as follows: +# +# services;ttys;users;times;groups +# +# white space is ignored and lines maybe extended with '\\n' (escaped +# newlines). From reading these comments, it is clear that +# text following a '#' is ignored to the end of the line. +# +# the combination of individual users/terminals etc is a logic list +# namely individual tokens that are optionally prefixed with '!' (logical +# not) and separated with '&' (logical and) and '|' (logical or). +# +# services +# is a logic list of PAM service names that the rule applies to. +# +# ttys +# is a logic list of terminal names that this rule applies to. +# +# users +# is a logic list of users or a netgroup of users to whom this +# rule applies. +# +# NB. For these items the simple wildcard '*' may be used only once. +# With netgroups no wildcards or logic operators are allowed. +# +# times +# It is used to indicate "when" these groups are to be given to the +# user. The format here is a logic list of day/time-range +# entries the days are specified by a sequence of two character +# entries, MoTuSa for example is Monday Tuesday and Saturday. Note +# that repeated days are unset MoMo = no day, and MoWk = all weekdays +# bar Monday. The two character combinations accepted are +# +# Mo Tu We Th Fr Sa Su Wk Wd Al +# +# the last two being week-end days and all 7 days of the week +# respectively. As a final example, AlFr means all days except Friday. +# +# Each day/time-range can be prefixed with a '!' to indicate "anything +# but" +# +# The time-range part is two 24-hour times HHMM separated by a hyphen +# indicating the start and finish time (if the finish time is smaller +# than the start time it is deemed to apply on the following day). +# +# groups +# The (comma or space separated) list of groups that the user +# inherits membership of. These groups are added if the previous +# fields are satisfied by the user's request +# +# For a rule to be active, ALL of service+ttys+users must be satisfied +# by the applying process. +# + +# +# Note, to get this to work as it is currently typed you need +# +# 1. to run an application as root +# 2. add the following groups to the /etc/group file: +# floppy, play, sound +# + +# +# Here is a simple example: running 'xsh' on tty* (any ttyXXX device), +# the user 'us' is given access to the floppy (through membership of +# the floppy group) +# + +#xsh;tty*&!ttyp*;us;Al0000-2400;floppy + +# +# another example: running 'xsh' on tty* (any ttyXXX device), +# the user 'sword' is given access to games (through membership of +# the sound and play group) after work hours. +# + +#xsh; tty* ;sword;!Wk0900-1800;sound, play +#xsh; tty* ;*;Al0900-1800;floppy + +# +# End of group.conf file +# diff --git a/beagle/debian-rfs/etc/security/limits.conf b/beagle/debian-rfs/etc/security/limits.conf new file mode 100644 index 0000000..698e139 --- /dev/null +++ b/beagle/debian-rfs/etc/security/limits.conf @@ -0,0 +1,56 @@ +# /etc/security/limits.conf +# +#Each line describes a limit for a user in the form: +# +#<domain> <type> <item> <value> +# +#Where: +#<domain> can be: +# - an user name +# - a group name, with @group syntax +# - the wildcard *, for default entry +# - the wildcard %, can be also used with %group syntax, +# for maxlogin limit +# - NOTE: group and wildcard limits are not applied to root. +# To apply a limit to the root user, <domain> must be +# the literal username root. +# +#<type> can have the two values: +# - "soft" for enforcing the soft limits +# - "hard" for enforcing hard limits +# +#<item> can be one of the following: +# - core - limits the core file size (KB) +# - data - max data size (KB) +# - fsize - maximum filesize (KB) +# - memlock - max locked-in-memory address space (KB) +# - nofile - max number of open files +# - rss - max resident set size (KB) +# - stack - max stack size (KB) +# - cpu - max CPU time (MIN) +# - nproc - max number of processes +# - as - address space limit (KB) +# - maxlogins - max number of logins for this user +# - maxsyslogins - max number of logins on the system +# - priority - the priority to run user process with +# - locks - max number of file locks the user can hold +# - sigpending - max number of pending signals +# - msgqueue - max memory used by POSIX message queues (bytes) +# - nice - max nice priority allowed to raise to values: [-20, 19] +# - rtprio - max realtime priority +# - chroot - change root to directory (Debian-specific) +# +#<domain> <type> <item> <value> +# + +#* soft core 0 +#root hard core 100000 +#* hard rss 10000 +#@student hard nproc 20 +#@faculty soft nproc 20 +#@faculty hard nproc 50 +#ftp hard nproc 0 +#ftp - chroot /ftp +#@student - maxlogins 4 + +# End of file diff --git a/beagle/debian-rfs/etc/security/namespace.conf b/beagle/debian-rfs/etc/security/namespace.conf new file mode 100644 index 0000000..f973225 --- /dev/null +++ b/beagle/debian-rfs/etc/security/namespace.conf @@ -0,0 +1,28 @@ +# /etc/security/namespace.conf +# +# See /usr/share/doc/pam-*/txts/README.pam_namespace for more information. +# +# Uncommenting the following three lines will polyinstantiate +# /tmp, /var/tmp and user's home directories. /tmp and /var/tmp will +# be polyinstantiated based on the MLS level part of the security context as well as user +# name, Polyinstantion will not be performed for user root and adm for directories +# /tmp and /var/tmp, whereas home directories will be polyinstantiated for all users. +# The user name and context is appended to the instance prefix. +# +# Note that instance directories do not have to reside inside the +# polyinstantiated directory. In the examples below, instances of /tmp +# will be created in /tmp-inst directory, where as instances of /var/tmp +# and users home directories will reside within the directories that +# are being polyinstantiated. +# +# Instance parent directories must exist for the polyinstantiation +# mechanism to work. By default, they should be created with the mode +# of 000. pam_namespace module will enforce this mode unless it +# is explicitly called with an argument to ignore the mode of the +# instance parent. System administrators should use this argument with +# caution, as it will reduce security and isolation achieved by +# polyinstantiation. +# +#/tmp /tmp-inst/ level root,adm +#/var/tmp /var/tmp/tmp-inst/ level root,adm +#$HOME $HOME/$USER.inst/ level diff --git a/beagle/debian-rfs/etc/security/namespace.init b/beagle/debian-rfs/etc/security/namespace.init new file mode 100755 index 0000000..9898bf3 --- /dev/null +++ b/beagle/debian-rfs/etc/security/namespace.init @@ -0,0 +1,25 @@ +#!/bin/sh -p +# It receives polydir path as $1, the instance path as $2, +# a flag whether the instance dir was newly created (0 - no, 1 - yes) in $3, +# and user name in $4. +# +# The following section will copy the contents of /etc/skel if this is a +# newly created home directory. +if [ "$3" = 1 ]; then + # This line will fix the labeling on all newly created directories + [ -x /sbin/restorecon ] && /sbin/restorecon "$1" + user="$4" + passwd=$(getent passwd "$user") + homedir=$(echo "$passwd" | cut -f6 -d":") + if [ "$1" = "$homedir" ]; then + gid=$(echo "$passwd" | cut -f4 -d":") + cp -rT /etc/skel "$homedir" + chown -R "$user":"$gid" "$homedir" + mask=$(awk '/^UMASK/{gsub("#.*$", "", $2); print $2; exit}' /etc/login.defs) + mode=$(printf "%o" $((0777 & ~$mask))) + chmod ${mode:-700} "$homedir" + [ -x /sbin/restorecon ] && /sbin/restorecon -R "$homedir" + fi +fi + +exit 0 diff --git a/beagle/debian-rfs/etc/security/pam_env.conf b/beagle/debian-rfs/etc/security/pam_env.conf new file mode 100644 index 0000000..d0ba35c --- /dev/null +++ b/beagle/debian-rfs/etc/security/pam_env.conf @@ -0,0 +1,73 @@ +# +# This is the configuration file for pam_env, a PAM module to load in +# a configurable list of environment variables for a +# +# The original idea for this came from Andrew G. Morgan ... +#<quote> +# Mmm. Perhaps you might like to write a pam_env module that reads a +# default environment from a file? I can see that as REALLY +# useful... Note it would be an "auth" module that returns PAM_IGNORE +# for the auth part and sets the environment returning PAM_SUCCESS in +# the setcred function... +#</quote> +# +# What I wanted was the REMOTEHOST variable set, purely for selfish +# reasons, and AGM didn't want it added to the SimpleApps login +# program (which is where I added the patch). So, my first concern is +# that variable, from there there are numerous others that might/would +# be useful to be set: NNTPSERVER, LESS, PATH, PAGER, MANPAGER ..... +# +# Of course, these are a different kind of variable than REMOTEHOST in +# that they are things that are likely to be configured by +# administrators rather than set by logging in, how to treat them both +# in the same config file? +# +# Here is my idea: +# +# Each line starts with the variable name, there are then two possible +# options for each variable DEFAULT and OVERRIDE. +# DEFAULT allows and administrator to set the value of the +# variable to some default value, if none is supplied then the empty +# string is assumed. The OVERRIDE option tells pam_env that it should +# enter in its value (overriding the default value) if there is one +# to use. OVERRIDE is not used, "" is assumed and no override will be +# done. +# +# VARIABLE [DEFAULT=[value]] [OVERRIDE=[value]] +# +# (Possibly non-existent) environment variables may be used in values +# using the ${string} syntax and (possibly non-existent) PAM_ITEMs may +# be used in values using the @{string} syntax. Both the $ and @ +# characters can be backslash escaped to be used as literal values +# values can be delimited with "", escaped " not supported. +# Note that many environment variables that you would like to use +# may not be set by the time the module is called. +# For example, HOME is used below several times, but +# many PAM applications don't make it available by the time you need it. +# +# +# First, some special variables +# +# Set the REMOTEHOST variable for any hosts that are remote, default +# to "localhost" rather than not being set at all +#REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST} +# +# Set the DISPLAY variable if it seems reasonable +#DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY} +# +# +# Now some simple variables +# +#PAGER DEFAULT=less +#MANPAGER DEFAULT=less +#LESS DEFAULT="M q e h15 z23 b80" +#NNTPSERVER DEFAULT=localhost +#PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\ +#:/usr/bin:/usr/local/bin/X11:/usr/bin/X11 +# +# silly examples of escaped variables, just to show how they work. +# +#DOLLAR DEFAULT=\$ +#DOLLARDOLLAR DEFAULT= OVERRIDE=\$${DOLLAR} +#DOLLARPLUS DEFAULT=\${REMOTEHOST}${REMOTEHOST} +#ATSIGN DEFAULT="" OVERRIDE=\@ diff --git a/beagle/debian-rfs/etc/security/sepermit.conf b/beagle/debian-rfs/etc/security/sepermit.conf new file mode 100644 index 0000000..951f3df --- /dev/null +++ b/beagle/debian-rfs/etc/security/sepermit.conf @@ -0,0 +1,11 @@ +# /etc/security/sepermit.conf +# +# Each line contains either: +# - an user name +# - a group name, with @group syntax +# - a SELinux user name, with %seuser syntax +# Each line can contain optional arguments separated by : +# The possible arguments are: +# - exclusive - only single login session will +# be allowed for the user and the user's processes +# will be killed on logout diff --git a/beagle/debian-rfs/etc/security/time.conf b/beagle/debian-rfs/etc/security/time.conf new file mode 100644 index 0000000..c7b7989 --- /dev/null +++ b/beagle/debian-rfs/etc/security/time.conf @@ -0,0 +1,65 @@ +# this is an example configuration file for the pam_time module. Its syntax +# was initially based heavily on that of the shadow package (shadow-960129). +# +# the syntax of the lines is as follows: +# +# services;ttys;users;times +# +# white space is ignored and lines maybe extended with '\\n' (escaped +# newlines). As should be clear from reading these comments, +# text following a '#' is ignored to the end of the line. +# +# the combination of individual users/terminals etc is a logic list +# namely individual tokens that are optionally prefixed with '!' (logical +# not) and separated with '&' (logical and) and '|' (logical or). +# +# services +# is a logic list of PAM service names that the rule applies to. +# +# ttys +# is a logic list of terminal names that this rule applies to. +# +# users +# is a logic list of users or a netgroup of users to whom this +# rule applies. +# +# NB. For these items the simple wildcard '*' may be used only once. +# +# times +# the format here is a logic list of day/time-range +# entries the days are specified by a sequence of two character +# entries, MoTuSa for example is Monday Tuesday and Saturday. Note +# that repeated days are unset MoMo = no day, and MoWk = all weekdays +# bar Monday. The two character combinations accepted are +# +# Mo Tu We Th Fr Sa Su Wk Wd Al +# +# the last two being week-end days and all 7 days of the week +# respectively. As a final example, AlFr means all days except Friday. +# +# each day/time-range can be prefixed with a '!' to indicate "anything +# but" +# +# The time-range part is two 24-hour times HHMM separated by a hyphen +# indicating the start and finish time (if the finish time is smaller +# than the start time it is deemed to apply on the following day). +# +# for a rule to be active, ALL of service+ttys+users must be satisfied +# by the applying process. +# + +# +# Here is a simple example: running blank on tty* (any ttyXXX device), +# the users 'you' and 'me' are denied service all of the time +# + +#blank;tty* & !ttyp*;you|me;!Al0000-2400 + +# Another silly example, user 'root' is denied xsh access +# from pseudo terminals at the weekend and on mondays. + +#xsh;ttyp*;root;!WdMo0000-2400 + +# +# End of example file. +# diff --git a/beagle/debian-rfs/etc/skel/.bash_logout b/beagle/debian-rfs/etc/skel/.bash_logout new file mode 100644 index 0000000..de4f5f7 --- /dev/null +++ b/beagle/debian-rfs/etc/skel/.bash_logout @@ -0,0 +1,7 @@ +# ~/.bash_logout: executed by bash(1) when login shell exits. + +# when leaving the console clear the screen to increase privacy + +if [ "$SHLVL" = 1 ]; then + [ -x /usr/bin/clear_console ] && /usr/bin/clear_console -q +fi diff --git a/beagle/debian-rfs/etc/skel/.bashrc b/beagle/debian-rfs/etc/skel/.bashrc new file mode 100644 index 0000000..e96b37f --- /dev/null +++ b/beagle/debian-rfs/etc/skel/.bashrc @@ -0,0 +1,99 @@ +# ~/.bashrc: executed by bash(1) for non-login shells. +# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc) +# for examples + +# If not running interactively, don't do anything +[ -z "$PS1" ] && return + +# don't put duplicate lines in the history. See bash(1) for more options +# don't overwrite GNU Midnight Commander's setting of `ignorespace'. +HISTCONTROL=$HISTCONTROL${HISTCONTROL+:}ignoredups +# ... or force ignoredups and ignorespace +HISTCONTROL=ignoreboth + +# append to the history file, don't overwrite it +shopt -s histappend + +# for setting history length see HISTSIZE and HISTFILESIZE in bash(1) + +# check the window size after each command and, if necessary, +# update the values of LINES and COLUMNS. +shopt -s checkwinsize + +# make less more friendly for non-text input files, see lesspipe(1) +#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)" + +# set variable identifying the chroot you work in (used in the prompt below) +if [ -z "$debian_chroot" ] && [ -r /etc/debian_chroot ]; then + debian_chroot=$(cat /etc/debian_chroot) +fi + +# set a fancy prompt (non-color, unless we know we "want" color) +case "$TERM" in + xterm-color) color_prompt=yes;; +esac + +# uncomment for a colored prompt, if the terminal has the capability; turned +# off by default to not distract the user: the focus in a terminal window +# should be on the output of commands, not on the prompt +#force_color_prompt=yes + +if [ -n "$force_color_prompt" ]; then + if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then + # We have color support; assume it's compliant with Ecma-48 + # (ISO/IEC-6429). (Lack of such support is extremely rare, and such + # a case would tend to support setf rather than setaf.) + color_prompt=yes + else + color_prompt= + fi +fi + +if [ "$color_prompt" = yes ]; then + PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' +else + PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' +fi +unset color_prompt force_color_prompt + +# If this is an xterm set the title to user@host:dir +case "$TERM" in +xterm*|rxvt*) + PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1" + ;; +*) + ;; +esac + +# enable color support of ls and also add handy aliases +if [ -x /usr/bin/dircolors ]; then + test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" + alias ls='ls --color=auto' + #alias dir='dir --color=auto' + #alias vdir='vdir --color=auto' + + #alias grep='grep --color=auto' + #alias fgrep='fgrep --color=auto' + #alias egrep='egrep --color=auto' +fi + +# some more ls aliases +#alias ll='ls -l' +#alias la='ls -A' +#alias l='ls -CF' + +# Alias definitions. +# You may want to put all your additions into a separate file like +# ~/.bash_aliases, instead of adding them here directly. +# See /usr/share/doc/bash-doc/examples in the bash-doc package. + +if [ -f ~/.bash_aliases ]; then + . ~/.bash_aliases +fi + +# enable programmable completion features (you don't need to enable +# this, if it's already enabled in /etc/bash.bashrc and /etc/profile +# sources /etc/bash.bashrc). +if [ -f /etc/bash_completion ] && ! shopt -oq posix; then + . /etc/bash_completion +fi diff --git a/beagle/debian-rfs/etc/skel/.profile b/beagle/debian-rfs/etc/skel/.profile new file mode 100644 index 0000000..c9db459 --- /dev/null +++ b/beagle/debian-rfs/etc/skel/.profile @@ -0,0 +1,22 @@ +# ~/.profile: executed by the command interpreter for login shells. +# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login +# exists. +# see /usr/share/doc/bash/examples/startup-files for examples. +# the files are located in the bash-doc package. + +# the default umask is set in /etc/profile; for setting the umask +# for ssh logins, install and configure the libpam-umask package. +#umask 022 + +# if running bash +if [ -n "$BASH_VERSION" ]; then + # include .bashrc if it exists + if [ -f "$HOME/.bashrc" ]; then + . "$HOME/.bashrc" + fi +fi + +# set PATH so it includes user's private bin if it exists +if [ -d "$HOME/bin" ] ; then + PATH="$HOME/bin:$PATH" +fi diff --git a/beagle/debian-rfs/etc/terminfo/README b/beagle/debian-rfs/etc/terminfo/README new file mode 100644 index 0000000..2b3e139 --- /dev/null +++ b/beagle/debian-rfs/etc/terminfo/README @@ -0,0 +1,2 @@ +This directory is for system-local terminfo descriptions. By default, ncurses +will search this directory first, then /lib/terminfo, then /usr/share/terminfo. |